Search for vulnerabilities
Vulnerability details: VCID-cgax-2jmz-uyak
Vulnerability ID VCID-cgax-2jmz-uyak
Aliases CVE-2013-0795
Summary Security researcher Cody Crews reported a mechanism to use the cloneNode method to bypass System Only Wrappers (SOW) and clone a protected node. This allows violation of the browser's same origin policy and could also lead to privilege escalation and the execution of arbitrary code. In general these flaws cannot be exploited through email in the Thunderbird and SeaMonkey products because scripting is disabled, but are potentially a risk in browser or browser-like contexts in those products.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.79953
EPSS Score 0.0145
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:10:21.346500+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2013/mfsa2013-36.md 37.0.0