CVE-2019-11717
CVSS v3.1
5.3 (Medium)
CVSS v2.0
5 (Medium)
EPSS
1.22 % (86th)
Affected Products
6
Advisories
40
A vulnerability exists where the caret ("") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
Weaknesses
- CWE-116
- Improper Encoding or Escaping of Output
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2019-07-23 14:15:15
(5 years ago) - Updated Date
-
2023-02-28 14:38:39
(18 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...