Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2019-11718

Disclosure Date: July 23, 2019 (last updated October 06, 2023)
Activity Stream can display content from sent from the Snippet Service website. This content is written to innerHTML on the Activity Stream page without sanitization, allowing for a potential access to other information available to the Activity Stream, such as browsing history, if the Snipper Service were compromised. This vulnerability affects Firefox < 68.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0