VYPR
Unrated severityNVD Advisory· Published Oct 10, 2012· Updated Jun 16, 2026

CVE-2012-3985

CVE-2012-3985

Description

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly implement the HTML5 Same Origin Policy, which allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging initial-origin access after document.domain has been set.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

18

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.