Unrated severityNVD Advisory· Published Apr 18, 2007· Updated Apr 23, 2026

CVE-2007-2060

Description

Cross-zone scripting vulnerability in the Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox allows remote attackers to execute arbitrary Javascript in the browser chrome via the RSS feed DOM.

Affected products

Wizz Computers/Wizz Rss Reader
cpe:2.3:a:wizz_computers:wizz_rss_reader:*:*:*:*:*:*:*:*
Range: <=2.1.8

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/319464nvdPatchUS Government Resource
osvdb.org/34534nvd
secunia.com/advisories/24913nvd
wizzrss.blat.co.za/2009/11/17/so-much-for-nsiscriptableunescapehtmlparsefragment/nvd
www.kb.cert.org/vuls/id/MIMG-6ZKP4Tnvd
www.securityfocus.com/bid/23523nvd
www.vupen.com/english/advisories/2007/1425nvd
addons.mozilla.org/en-US/firefox/addon/424nvd
exchange.xforce.ibmcloud.com/vulnerabilities/33693nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000