Mozilla today patched eight vulnerabilities in Firefox as it shipped the latest iteration in its rapid release schedule.
Firefox 10, sixth in the line of updates that have been rolling off the development line every six weeks since mid-2011, fixed half a dozen flaws rated "critical," Mozilla's highest threat ranking, and another two labeled "high."
One of the notable vulnerabilities addressed in Firefox 10 could open users to cross-site scripting (XSS) attacks because the browser did not properly run a security check when calling untrusted scripting objects, said Mozilla.
"The fix enables the Script Security Manager (SSM) to force security checks on all frame scripts," an accompanying advisory noted.
rest here 
Release Notes