It was found that malicious code could be inserted into the collection of Mozilla Add- US. Estes Add – ons are basically used to organize ons for personal and business purposes and can be shared on social networks also.
“Since the Mozilla add-on site has millions of downloads, it is easily possible for the attacker to convince the victim to visit the collection page”, said the expert SecurityWeek.
Users were later exposed to all kinds of virus attack that could be carried out through XSS flaws and most common attack was the cookie theft.
Sites are generally vulnerable to XSS flaw, add-on collections are very useful for Firefox users, like this, to discover the problem Sr. Javed received $ 2.500 da Mozilla. There were two other bugs discovered on
This is not the first time he had received a heavy amount, Google awarded him US $ 3.000 for XSS reflected in the main bar to search YouTube Gaming site