CVE Catalog

CVE-1999-0762

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
1.49%

71th percentile — higher than 71% of all known CVEs

Summary

A vulnerability in Netscape Communicator allows a remote attacker to use the 'about' protocol to gain access to browser information when JavaScript is embedded within the TITLE tag.

Risk Assessment

An attacker could gain sensitive information about browser users, potentially leading to further attacks or privacy breaches.

Recommendation

It is recommended to avoid embedding JavaScript in the TITLE tag and to update the browser to the latest version to minimize risk.

Original NVD description (English source)

When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS