CVE Published: 23/07/2019 |
CVE Updated: 04/08/2024 |
CVE Year: 2019 Source: mozilla |
Vendor: Mozilla |
Product: Firefox ESR Status : PUBLISHED
CVE-2019-11717 Description
A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.