Логотип exploitDog
bind:"GHSA-28hh-9xvh-vcr3" OR bind:"CVE-2019-11698"
Консоль
Логотип exploitDog

exploitDog

bind:"GHSA-28hh-9xvh-vcr3" OR bind:"CVE-2019-11698"

Количество 17

Количество 17

github логотип

GHSA-28hh-9xvh-vcr3

около 3 лет назад

If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS3: 5.3
EPSS: Низкий
ubuntu логотип

CVE-2019-11698

около 6 лет назад

If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS3: 5.3
EPSS: Низкий
redhat логотип

CVE-2019-11698

около 6 лет назад

If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS3: 6.1
EPSS: Низкий
nvd логотип

CVE-2019-11698

около 6 лет назад

If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS3: 5.3
EPSS: Низкий
debian логотип

CVE-2019-11698

около 6 лет назад

If a crafted hyperlink is dragged and dropped to the bookmark bar or s ...

CVSS3: 5.3
EPSS: Низкий
fstec логотип

BDU:2019-03561

около 6 лет назад

Уязвимость браузеров Firefox, Firefox ESR, почтового клиента Thunderbird, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю получить доступ к конфиденциальным данным

CVSS3: 5.3
EPSS: Низкий
oracle-oval логотип

ELSA-2019-1310

около 6 лет назад

ELSA-2019-1310: thunderbird security update (IMPORTANT)

EPSS: Низкий
oracle-oval логотип

ELSA-2019-1309

около 6 лет назад

ELSA-2019-1309: thunderbird security update (IMPORTANT)

EPSS: Низкий
oracle-oval логотип

ELSA-2019-1308

около 6 лет назад

ELSA-2019-1308: thunderbird security update (IMPORTANT)

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2019:1405-1

около 6 лет назад

Security update for MozillaFirefox

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2019:1388-1

около 6 лет назад

Security update for MozillaFirefox

EPSS: Низкий
oracle-oval логотип

ELSA-2019-1269

около 6 лет назад

ELSA-2019-1269: firefox security update (CRITICAL)

EPSS: Низкий
oracle-oval логотип

ELSA-2019-1267

около 6 лет назад

ELSA-2019-1267: firefox security update (CRITICAL)

EPSS: Низкий
oracle-oval логотип

ELSA-2019-1265

около 6 лет назад

ELSA-2019-1265: firefox security update (CRITICAL)

EPSS: Низкий
suse-cvrf логотип

openSUSE-SU-2019:1484-1

около 6 лет назад

Security update for MozillaThunderbird

EPSS: Низкий
suse-cvrf логотип

SUSE-SU-2019:1458-1

около 6 лет назад

Security update for MozillaThunderbird

EPSS: Низкий
suse-cvrf логотип

openSUSE-SU-2019:1534-1

около 6 лет назад

Security update for MozillaFirefox

EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
github логотип
GHSA-28hh-9xvh-vcr3

If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS3: 5.3
0%
Низкий
около 3 лет назад
ubuntu логотип
CVE-2019-11698

If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS3: 5.3
0%
Низкий
около 6 лет назад
redhat логотип
CVE-2019-11698

If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS3: 6.1
0%
Низкий
около 6 лет назад
nvd логотип
CVE-2019-11698

If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7.

CVSS3: 5.3
0%
Низкий
около 6 лет назад
debian логотип
CVE-2019-11698

If a crafted hyperlink is dragged and dropped to the bookmark bar or s ...

CVSS3: 5.3
0%
Низкий
около 6 лет назад
fstec логотип
BDU:2019-03561

Уязвимость браузеров Firefox, Firefox ESR, почтового клиента Thunderbird, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю получить доступ к конфиденциальным данным

CVSS3: 5.3
0%
Низкий
около 6 лет назад
oracle-oval логотип
ELSA-2019-1310

ELSA-2019-1310: thunderbird security update (IMPORTANT)

около 6 лет назад
oracle-oval логотип
ELSA-2019-1309

ELSA-2019-1309: thunderbird security update (IMPORTANT)

около 6 лет назад
oracle-oval логотип
ELSA-2019-1308

ELSA-2019-1308: thunderbird security update (IMPORTANT)

около 6 лет назад
suse-cvrf логотип
SUSE-SU-2019:1405-1

Security update for MozillaFirefox

около 6 лет назад
suse-cvrf логотип
SUSE-SU-2019:1388-1

Security update for MozillaFirefox

около 6 лет назад
oracle-oval логотип
ELSA-2019-1269

ELSA-2019-1269: firefox security update (CRITICAL)

около 6 лет назад
oracle-oval логотип
ELSA-2019-1267

ELSA-2019-1267: firefox security update (CRITICAL)

около 6 лет назад
oracle-oval логотип
ELSA-2019-1265

ELSA-2019-1265: firefox security update (CRITICAL)

около 6 лет назад
suse-cvrf логотип
openSUSE-SU-2019:1484-1

Security update for MozillaThunderbird

около 6 лет назад
suse-cvrf логотип
SUSE-SU-2019:1458-1

Security update for MozillaThunderbird

около 6 лет назад
suse-cvrf логотип
openSUSE-SU-2019:1534-1

Security update for MozillaFirefox

около 6 лет назад

Уязвимостей на страницу