CVE-2019-17014

CVSS v3.1 7.4 (High)

CVSS v2.0 4.3 (Medium)

EPSS 0.17 % (54^th)

Affected Products 1

Advisories 4

If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox < 71.

Weaknesses

CWE-863: Incorrect Authorization

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2020-01-08 22:15:12
(4 years ago)
Updated Date: 2021-07-21 11:39:23
(3 years ago)

Affected Products

Mozilla

Firefox

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox prior 71.0 version	cpe:2.3:a:mozilla:firefox		< 71.0