PT-2019-3443 · Mozilla+5 · Firefox Esr+7

Linus Särud

·

Published

2019-07-10

·

Updated

2024-12-12

·

CVE-2019-11715

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Firefox ESR versions prior to 60.8 Firefox versions prior to 68 Thunderbird versions prior to 60.8
Description The issue is related to an error in parsing page content, which can cause properly sanitized user input to be misinterpreted. This can lead to XSS hazards on websites under certain circumstances. The vulnerability may allow a remote attacker to execute arbitrary code.
Recommendations For Firefox ESR versions prior to 60.8, update to version 60.8 or later. For Firefox versions prior to 68, update to version 68 or later. For Thunderbird versions prior to 60.8, update to version 60.8 or later.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

ALT-PU-2019-2231
ALT-PU-2019-2233
ALT-PU-2019-2249
ALT-PU-2019-2259
ALT-PU-2019-2301
ALT-PU-2019-2324
ALT-PU-2019-2479
ALT-PU-2019-2486
ALT-PU-2020-1166
ALT-PU-2020-1515
BDU:2019-03614
CESA-2019_1763
CESA-2019_1764
CESA-2019_1765
CESA-2019_1775
CESA-2019_1777
CESA-2019_1799
CVE-2019-11715
DLA-1869-1
DLA-1870-1
DSA-4479-1
DSA-4482-1
MGASA-2019-0211
MGASA-2019-0212
MGASA-2019-0213
MGASA-2019-0272
OPENSUSE-SU-2019:1782-1
OPENSUSE-SU-2019:1811-1
OPENSUSE-SU-2019:1813-1
OPENSUSE-SU-2019:1990-1
OPENSUSE-SU-2019:2248-1
OPENSUSE-SU-2019:2249-1
OPENSUSE-SU-2019_1782-1
OPENSUSE-SU-2019_1811-1
OPENSUSE-SU-2019_1813-1
OPENSUSE-SU-2019_2248-1
OPENSUSE-SU-2019_2249-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:10601-1
OPENSUSE-SU-2024:14572-1
RHSA-2019:1763
RHSA-2019:1764
RHSA-2019:1765
RHSA-2019:1775
RHSA-2019:1777
RHSA-2019:1799
RHSA-2019_1763
RHSA-2019_1764
RHSA-2019_1765
RHSA-2019_1775
RHSA-2019_1777
RHSA-2019_1799
SUSE-SU-2019:14124-1
SUSE-SU-2019:14246-1
SUSE-SU-2019:1861-1
SUSE-SU-2019:1861-2
SUSE-SU-2019:1861-3
SUSE-SU-2019:1869-1
SUSE-SU-2019:1960-1
SUSE-SU-2019:2515-1
SUSE-SU-2019:2620-1
SUSE-SU-2019_14124-1
SUSE-SU-2019_14246-1
USN-4054-1
USN-4054-2
USN-4064-1

Affected Products

Alt Linux
Centos
Firefox
Firefox Esr
Red Hat
Suse
Thunderbird
Ubuntu