Mozilla SeaMonkey CVE-2015-4478 Information Disclosure Vulnerability

description-logoDescription

Security researcher Andr Bargull reported non-configurable properties on JavaScript objects can be redefined while parsing JSON in violation of the ECMAScript 6 standard. This allows malicious web content to bypass same-origin policy by editing these properties to arbitrary values.

affected-products-logoAffected Applications

SeaMonkey

CVE References

CVE-2015-4478