Mozilla SeaMonkey CVE-2015-4478 Information Disclosure Vulnerability
Description
Security researcher Andr Bargull reported non-configurable properties on JavaScript objects can be redefined while parsing JSON in violation of the ECMAScript 6 standard. This allows malicious web content to bypass same-origin policy by editing these properties to arbitrary values.
Affected Applications
SeaMonkey