Yoono Firefox extension versions prior to 6.1.1 suffer from a code injection vulnerability.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/85089/yoono-inject.txt
Source: https://packetstormsecurity.com/files/85089/Yoono-Firefox-Extension-Injection.html