Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2015-03-24T00:00:00
Updated: 2016-12-20T16:57:01
Reserved: 2015-01-07T00:00:00
Link: CVE-2015-0818
JSON object: View
NVD Information
Status : Modified
Published: 2015-03-24T00:59:07.250
Modified: 2016-12-22T02:59:27.597
Link: CVE-2015-0818
JSON object: View
Redhat Information
No data.
CWE