|Description||Mozilla Firefox before 220.127.116.11 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute.|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)|
|References||DSA-1392-1, DSA-1396-1, DSA-1401-1, DTSA-69-1, DTSA-80-1|
|NVD severity||medium (attack range: remote)|
The information below is based on the following data on fixed versions.