Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation10 reference(s) from NVD