Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-4bey-3rug-uuev
Vulnerability ID VCID-4bey-3rug-uuev
Aliases CVE-2008-3835
Summary Mozilla security researcher moz_bug_r_a4 reported that the same-origin check in nsXMLDocument::OnChannelRedirect() could be bypassed. This vulnerability could be used to execute JavaScript in the context of a different website.Firefox 3 is not affected by this issueThunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were to be enabled in mail. This is not the default setting and we strongly discourage users from running JavaScript in mail.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00121 https://api.first.org/data/v1/epss?cve=CVE-2008-3835
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2008-38
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3835.json
https://api.first.org/data/v1/epss?cve=CVE-2008-3835
463182 https://bugzilla.redhat.com/show_bug.cgi?id=463182
CVE-2008-3835 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3835
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2008-38 https://www.mozilla.org/en-US/security/advisories/mfsa2008-38
RHSA-2008:0882 https://access.redhat.com/errata/RHSA-2008:0882
RHSA-2008:0908 https://access.redhat.com/errata/RHSA-2008:0908
USN-645-1 https://usn.ubuntu.com/645-1/
USN-645-2 https://usn.ubuntu.com/645-2/
USN-647-1 https://usn.ubuntu.com/647-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.30833
EPSS Score 0.00121
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T08:27:32.985820+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2008/mfsa2008-38.md 38.6.0