Mozilla Foundation Security Advisory 2005-26

Cross-site scripting by dropping javascript: link on tab

Announced

February 24, 2005

Reporter

Michael Krax

Risk

Low

Impact

Critical

Products

Firefox, Mozilla Suite

Fixed in

Firefox 1.0.1
Mozilla Suite 1.7.6

Description

Dropping a javascript: or data: link on a tab executes in the context of the site already loaded in the tab. If an attacker could convince a user to drag and drop such a link on a particular tab this could be used to steal information or credentials associated with the site in that tab.

If the target tab contained privileged content, such as about:config, the dropped javascript link could run arbitrary code on the user's machine.

Workaround

Don't drag and drop opaque links. Disable Javascript.

References

http://www.mikx.de/firetabbing/
https://bugzilla.mozilla.org/show_bug.cgi?id=280056

Firefox for Desktop

Firefox for Android

Firefox for iOS

Firefox Focus

Firefox Blog

Release Notes

Mozilla Monitor

Facebook Container

Pocket

Mozilla VPN

Firefox Relay

MDN Plus

Fakespot

Mozilla Manifesto

Mozilla Foundation

Leadership

Get involved

Careers

Mozilla Blog

Impact

Firefox Developer Edition

MDN Web Docs

Mozilla Innovation Projects

Common Voice