Closed Martii closed 13 years ago
Reported upstream at greasemonkey#1206
Related prior commits discussed in #1192@greasemonkey/greasemonkey and deleted by Anthony: 8645924 d67ee51 89202cc c814483
Additional minimal optimization commit at 5c70d0f
Current GM upstream is no longer functional with current Moz nightly.
Closed by greasemonkey@3295db0
Original Title: document vulnerability found in greasemonkey@b339412
document
should be appended to the sandbox rather then evaluated in the sandbox.This is a security risk to allow the document variable to be controlled via a userscript and will lead to eventual exploitation because it is in the incorrect scope.