CVE-2019-11717 vulnerability in Mozilla and Other Products
Published on July 23, 2019

A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2019-11717

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-11717 are published in these products:

Mozilla Firefox

Mozilla FireFox Extended Support Release (ESR)

Mozilla Thunderbird

Debian Linux

Novell Suse Package Hub Suse Linux Enterprise

OpenSuse Leap

Affected Versions

Mozilla Firefox ESR:

Version unspecified and below 60.8 is affected.

Mozilla Firefox:

Version unspecified and below 68 is affected.

Mozilla Thunderbird:

Version unspecified and below 60.8 is affected.

Exploit Probability

EPSS

5.01%

Percentile

89.51%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-11717 vulnerability in Mozilla and Other ProductsPublished on July 23, 2019

Products Associated with CVE-2019-11717

Affected Versions

Exploit Probability

CVE-2019-11717 vulnerability in Mozilla and Other Products
Published on July 23, 2019