CVE-2019-11744 Information

Description

Some HTML elements such as <title> and <textarea> can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that closing tag will be parsed as if it were outside the element. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Reference

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html
https://bugzilla.mozilla.org/show_bug.cgi?id=1562033
https://security.gentoo.org/glsa/201911-07
https://usn.ubuntu.com/4150-1/
https://www.mozilla.org/security/advisories/mfsa2019-25/
https://www.mozilla.org/security/advisories/mfsa2019-26/
https://www.mozilla.org/security/advisories/mfsa2019-27/
https://www.mozilla.org/security/advisories/mfsa2019-29/
https://www.mozilla.org/security/advisories/mfsa2019-30/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

Base Score

6.1

Base Severity

MEDIUM
