cbcvebase.
CVE-2007-1878
published 2007-04-06

CVE-2007-1878: Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox…

PriorityP427medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
5.04%
91.2th percentile
Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.03 for Mozilla Firefox allows remote attackers to bypass zone restrictions, read arbitrary file:// URIs, or execute arbitrary code in the browser chrome, as demonstrated via the runFile function, related to lack of HTML escaping in the property name.

Affected

3 ranges
VendorProductVersion rangeFixed in
parakey_incfirebug<= 1.03
parakey_incfirebug
parakey_incfirebug
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.