Another Firefox vulnerability spotted
In its quest for being the leading Internet Explorer alternative for safer web browsing, Firefox has once again showed a security vulnerability. This time it was a critical design failure, which gives cybercriminals the ability to compromise websites and browsers via cross-site scripting attacks. The main problem is that Firefox treats data URLs like JavaScript URLs, resulting in privileges for data URLs that could lead to potential malicious activity. It remains to be seen as to how hackers themselves will exploit this error in firefox design.
Although this vulnerability is not highly dangerous (as script blocking Firefox extensions can easily handle the problem), users who are less security-savvy may encounter dangerous situations when browsing with Firefox. Browser developers promised to look into this issue. However, it seems that only a high level attack could persuade them to put a vulnerability-fix to the top of their priority list.
Recently commented malware