Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets
Published January 13, 2020.
Mozilla Firefox