CVE-2019-11720
CVSS v3.1
6.1 (Medium)
CVSS v2.0
4.3 (Medium)
EPSS
0.52 % (77th)
Affected Products
2
Advisories
13
Some unicode characters are incorrectly treated as whitespace during the parsing of web content instead of triggering parsing errors. This allows malicious code to then be processed, evading cross-site scripting (XSS) filtering. This vulnerability affects Firefox < 68.
Weaknesses
- CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2019-07-23 14:15:16
(5 years ago) - Updated Date
-
2023-03-02 16:23:07
(18 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...