Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-11701

Опубликовано: 23 июл. 2019
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.1

Описание

The default webcal: protocol handler will load a web site vulnerable to cross-site scripting (XSS) attacks. This default was left in place as a legacy feature and has now been removed. Note: this issue only affects users with an account on the vulnerable service. Other users are unaffected.. This vulnerability affects Firefox < 67.

РелизСтатусПримечание
bionic

released

67.0+build2-0ubuntu0.18.04.1
cosmic

released

67.0+build2-0ubuntu0.18.10.1
devel

released

67.0+build2-0ubuntu1
disco

released

67.0+build2-0ubuntu0.19.04.1
eoan

released

67.0+build2-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

67.0+build2-0ubuntu1
groovy

released

67.0+build2-0ubuntu1
hirsute

released

67.0+build2-0ubuntu1

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
cosmic

ignored

end of life
devel

DNE

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/focal

ignored

esm-infra-legacy/trusty

DNE

esm-infra/bionic

ignored

focal

ignored

groovy

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

ignored

end of life
devel

DNE

disco

ignored

end of life
eoan

ignored

end of life
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 46%
0.00235
Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-11701

CVSS3: 6.1
nvd
больше 6 лет назад

The default webcal: protocol handler will load a web site vulnerable to cross-site scripting (XSS) attacks. This default was left in place as a legacy feature and has now been removed. *Note: this issue only affects users with an account on the vulnerable service. Other users are unaffected.*. This vulnerability affects Firefox < 67.

debian логотип

CVE-2019-11701

CVSS3: 6.1
debian
больше 6 лет назад

The default webcal: protocol handler will load a web site vulnerable t ...

github логотип

GHSA-frqr-7x7p-q8jj

CVSS3: 6.1
github
больше 3 лет назад

The default webcal: protocol handler will load a web site vulnerable to cross-site scripting (XSS) attacks. This default was left in place as a legacy feature and has now been removed. *Note: this issue only affects users with an account on the vulnerable service. Other users are unaffected.*. This vulnerability affects Firefox < 67.

fstec логотип

BDU:2020-00605

CVSS3: 6.1
fstec
больше 6 лет назад

Уязвимость идентификатора ресурсов webcal браузера Firefox, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю оказать воздействие на целостность данных

EPSS

Процентиль: 46%
0.00235
Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Уязвимость CVE-2019-11701