DescriptionThe focus handling for the onkeydown event in Mozilla Firefox 22.214.171.124, 126.96.36.199 and other versions before 188.8.131.52, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which bypasses the focus prevention, as demonstrated by changing focus from a textarea to a file upload field.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- SUSE-SA:2007:057, published Thu, 25 Oct 2007 18:00:00 +0000