← CVECheck
HomeVulnerabilities

CVE-2004-0191 — MEDIUM severity vulnerability (Mozilla before 1.4.2 executes Javascript events in the conte)

Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.

CVE IDCVE-2004-0191
SeverityMEDIUM
CVSS score6.8
CVSS vectorAV:N/AC:M/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-03-15
Last modified2026-04-16
DescriptionMozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →