Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka firetabbing.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | 1.0 (including) | 1.0 (including) |