Mozilla is set to release version 2.0.0.10 of its Firefox browser next week, repairing a long-standing security flaw that could be used to launch a cross-site scripting attack against the browser.

The issue was first reported last February and has gained widespread attention since. Most recently, a researcher showed how an attacker could sneak malicious code into Jar-compressed documents to gain access to a victims' Gmail account and other sensitive data stored on the Google Web site. The update is already in testing and should be released to the public next week, following the Thanksgiving holiday.