Link to the security advisory (i.e. warning) of Danish Secunia company:
Firefox Sage Extension Feed Script Insertion Vulnerability
From the Description field:
Fukumori has reported a vulnerability in the Sage extension for Firefox, which can be exploited by malicious people to conduct script insertion attacks.
The vulnerability is caused due to an input validation error in the processing of certain tags in RSS feeds. This can e.g. be exploited to insert and execute arbitrary HTML and script code in a local context by tricking a user into adding a malicious feed and then viewing its contents.
The vulnerability is reported in version 1.3.9. Prior versions may also be affected.
Version 1.3.10 is not affected.
The official page of the Sage entension:
http://sage.mozdev.org/
UserAgent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.1.1) Gecko/20061204 Firefox/2.0.0.1
