← voltar
CVE-2019-17016

CVE-2019-17016

EPSS 2.0%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 2.0%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
08 jan 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
When pasting a &lt;style&gt; tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Produtos afetados
Mozilla · FirefoxMozilla · Firefox ESR

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.htmlhttp://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.htmlhttps://access.redhat.com/errata/RHSA-2020:0085https://access.redhat.com/errata/RHSA-2020:0086https://access.redhat.com/errata/RHSA-2020:0111https://access.redhat.com/errata/RHSA-2020:0120https://access.redhat.com/errata/RHSA-2020:0123https://access.redhat.com/errata/RHSA-2020:0127https://access.redhat.com/errata/RHSA-2020:0292https://access.redhat.com/errata/RHSA-2020:0295https://bugzilla.mozilla.org/show_bug.cgi?id=1599181