Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.
来源:NVD
Firefox 1.0以及Mozilla 1.7.5之前的版本允许远程攻击者通过用户可中击在新表中打开的链接"with a custom getter and toString method"来装载本地文件。