Mozilla released version 16.0.2 to address a critical security issue which, if unfixed, could be combined with some plugins to perform a cross-site scripting (XSS) attack on users.

https://www.mozilla.org/security/ann...sa2012-90.html

Jim