suse · CVE-2013-1709

Quick triage

Priority: medium Published: 2021-05-30 13:10:22 UTC Updated: 2026-04-18 19:00:33 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2013-1709 severity moderate: SUSE including 82 source package names (MozillaFirefox-140.2.0-160000.1.2, MozillaFirefox-17.0.8esr-0.4.2.1, …), 112 product×package rows across 38 product lines (SUSE Linux Enterprise Desktop 11 SP2, SUSE Linux Enterprise Desktop 11 SP3, … (38 product lines)): Fixed 112.

Description:

Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FRAME elements and history, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors involving spoofing a relative location in a previously visited document.

cvelogic Threat Intelligence