Cross Site File Upload Forgery Mozilla Firefox 4

Mozilla Firefox 4 incorporates Cross Origin Resource Sharing, which is being espoused by the Web Application Working Group of W3C, through some significant changes in the XMLHttpRequest object. While these changes make mash-ups between applications more dynamic, they also make it possible upload files through Cross Site Request Forgery or the Click Jack attack.