CVE-2013-5612

CVE Database · CVE-2013-5612

CVE-2013-5612

· N/AModified

CVSS v3.1

N/A

EPSS

3.40%

Published

Dec 11, 2013

Modified

Apr 28, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header.

Weaknesses (CWE)

CWE-79

Affected Products (26)

mozilla · firefox (up to 26.0)vulnerable

mozilla · seamonkey (up to 2.23)vulnerable

fedoraproject · fedoravulnerable

oracle · solarisvulnerable

canonical · ubuntu_linuxvulnerable