Full title: Firefox For Android Same-Origin Bypass 
Category: remote exploits
Platform: Android
Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a local file.

# 0day.today @ http://0day.today/