PT-2019-4868 · Mozilla+5 · Firefox+5

Michał Bentkowski · Published 2019-12-03 · Updated 2024-12-12 · CVE-2019-17022

CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Firefox ESR versions prior to 68.4; Firefox versions prior to 72

Description: The issue arises when a <style> tag is pasted from the clipboard into a rich text editor and the CSS sanitizer fails to escape < and > characters. Although this does not directly result in injection into the web page, it can lead to an XSS vulnerability if the page copies the node's innerHTML and assigns it to another element's innerHTML. Two WYSIWYG editors have been identified with this behavior, suggesting more may exist.

Recommendations: For Firefox ESR versions prior to 68.4, update to version 68.4 or later. For Firefox versions prior to 72, update to version 72 or later. As a temporary workaround, consider disabling the use of rich text editors that exhibit this behavior until a patch is available. Restrict innerHTML assignments sourced from editor content to minimize the risk of exploitation.
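The round trip the description refers to, as an added example that is not code from the advisory, from Mozilla or from either editor: a <style> element is a raw-text element, so the HTML serializer emits its CSS verbatim and the HTML parser closes it at the first </style> end tag. If the CSS text carries unescaped < and > characters, reading innerHTML and assigning it elsewhere re-parses part of that text as markup. The block models that round trip on strings and shows a hardening step that CSS-escapes < and > inside quoted CSS strings (the only place valid CSS can carry them) and rejects any < outside a string. Function names (serializeStyle, reparseStyle, escapeCssForStyleElement, hardenedStyleMarkup) and the sample stylesheet are constructed for this example; a browser implementation would apply the same escaping to the style node's textContent before it is ever serialized, and the simplified re-parse here only mimics the end-tag rule, not the full HTML tokenizer.

```javascript
// Serialize a <style> node the way the HTML serializer does: the CSS text is
// emitted verbatim, never entity-escaped (raw-text element semantics).
function serializeStyle(cssText) {
  return `<style>${cssText}</style>`;
}

// Simplified model of how the HTML parser consumes a raw-text element:
// everything up to the first </style> end tag is CSS, everything after it is
// parsed as ordinary markup ("spill"). Returns null if the input is not a
// <style> element.
function reparseStyle(html) {
  const open = html.match(/^<style\b[^>]*>/i);
  if (!open) return null;
  const body = html.slice(open[0].length);
  const close = /<\/style\s*>/i.exec(body);
  if (!close) return { css: body, spill: '' };
  return {
    css: body.slice(0, close.index),
    spill: body.slice(close.index + close[0].length),
  };
}

// Hardening: CSS-escape '<' and '>' inside quoted strings (\3c and \3e, each
// terminated by a space so the following hex digit is not swallowed) and keep
// '>' outside strings untouched, since there it is the child combinator.
// A '<' outside a string is not valid CSS, so the sheet is rejected (null).
function escapeCssForStyleElement(cssText) {
  let out = '';
  let quote = null; // current string delimiter, or null when outside a string
  for (let i = 0; i < cssText.length; i++) {
    const ch = cssText[i];
    if (quote) {
      if (ch === '\\' && i + 1 < cssText.length) { out += ch + cssText[++i]; continue; }
      if (ch === quote) { quote = null; out += ch; continue; }
      if (ch === '<') { out += '\\3c '; continue; }
      if (ch === '>') { out += '\\3e '; continue; }
      out += ch;
    } else {
      if (ch === '"' || ch === "'") { quote = ch; out += ch; continue; }
      if (ch === '<') return null;
      out += ch;
    }
  }
  if (quote) return null; // unterminated string: do not guess, reject
  return out;
}

// Markup that is safe to hand to innerHTML: escaped CSS inside a <style>
// element, or null when the stylesheet was rejected and should be dropped.
function hardenedStyleMarkup(cssText) {
  const escaped = escapeCssForStyleElement(cssText);
  return escaped === null ? null : serializeStyle(escaped);
}

// Constructed sample of CSS text that a sanitizer might leave with unescaped
// markup characters inside an attribute-selector string.
const SAMPLE_CSS = 'a[title="</style><b>injected</b>"] { color: red }';

const unsafe = reparseStyle(serializeStyle(SAMPLE_CSS));
console.log('unescaped round trip, spilled markup:', JSON.stringify(unsafe.spill));

const safe = reparseStyle(hardenedStyleMarkup(SAMPLE_CSS));
console.log('escaped round trip, spilled markup:', JSON.stringify(safe.spill));
```

The unescaped round trip leaves `<b>injected</b>"] { color: red }` outside the style element after re-parsing, which is the innerHTML-to-innerHTML hazard the advisory describes; after escaping, the whole stylesheet stays inside the element and nothing spills. The rejection path matters as much as the escaping: content the checker cannot classify is dropped rather than forwarded.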

Exploit · Fix · XSS

Related Identifiers

ALT-PU-2020-1013
ALT-PU-2020-1032
ALT-PU-2020-1110
ALT-PU-2020-1166
ALT-PU-2020-1515
ALT-PU-2020-1617
ALT-PU-2020-2408
ALT-PU-2020-2933
ALT-PU-2021-1368
BDU:2020-01455
CESA-2020_0085
CESA-2020_0086
CESA-2020_0111
CESA-2020_0120
CESA-2020_0123
CESA-2020_0127
CVE-2019-17022
DLA-2061-1
DLA-2071-1
DSA-4600-1
DSA-4603-1
MGASA-2020-0027
MGASA-2020-0034
OPENSUSE-SU-2020:0060-1
OPENSUSE-SU-2020:0094-1
OPENSUSE-SU-2020_0060-1
OPENSUSE-SU-2020_0094-1
OPENSUSE-SU-2024:10600-1
OPENSUSE-SU-2024:10601-1
OPENSUSE-SU-2024:14572-1
RHSA-2020:0085
RHSA-2020:0086
RHSA-2020:0111
RHSA-2020:0120
RHSA-2020:0123
RHSA-2020:0127
RHSA-2020:0292
RHSA-2020:0295
RHSA-2020_0085
RHSA-2020_0086
RHSA-2020_0111
RHSA-2020_0120
RHSA-2020_0123
RHSA-2020_0127
SUSE-SU-2020:0068-1
SUSE-SU-2020:0078-1
SUSE-SU-2020:0142-1
SUSE-SU-2020:14268-1
USN-4234-1
USN-4234-2
USN-4241-1
USN-4335-1

Affected Products

Alt Linux
Centos
Firefox
Red Hat
Suse
Ubuntu