Lucene search

[email protected]CVE-2019-17022

HistoryJan 08, 2020 - 10:15 p.m.

CVE-2019-17022

2020-01-0822:15:00

CWE-79

[email protected]

web.nvd.nist.gov

185

cve-2019-17022

information security

xss

vulnerability

css

sanitizer

web browser

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

71.5%

JSON

When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node’s innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

VendorProductVersionCPE
mozillafirefox_esr*cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox_esr	*	cpe:2.3:a:mozilla:firefox_esr::::::::
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::

References

lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html

lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html

packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html

access.redhat.com/errata/RHSA-2020:0085

access.redhat.com/errata/RHSA-2020:0086

access.redhat.com/errata/RHSA-2020:0111

access.redhat.com/errata/RHSA-2020:0120

access.redhat.com/errata/RHSA-2020:0123

access.redhat.com/errata/RHSA-2020:0127

access.redhat.com/errata/RHSA-2020:0292

access.redhat.com/errata/RHSA-2020:0295

bugzilla.mozilla.org/show_bug.cgi?id=1602843

lists.debian.org/debian-lts-announce/2020/01/msg00005.html

lists.debian.org/debian-lts-announce/2020/01/msg00016.html

seclists.org/bugtraq/2020/Jan/12

seclists.org/bugtraq/2020/Jan/18

seclists.org/bugtraq/2020/Jan/26

security.gentoo.org/glsa/202003-02

usn.ubuntu.com/4234-1/

usn.ubuntu.com/4241-1/

usn.ubuntu.com/4335-1/

www.debian.org/security/2020/dsa-4600

www.debian.org/security/2020/dsa-4603

www.mozilla.org/security/advisories/mfsa2020-01/

www.mozilla.org/security/advisories/mfsa2020-02/

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

71.5%

JSON

Related for CVE-2019-17022

veracode1 alpinelinux1 debiancve1 prion1 redhatcve1 ubuntucve1 ibm1 osv4 openvas19 nessus52 redhat8 archlinux2 amazon1 oraclelinux6 mageia2 centos4 debian4 altlinux2 kaspersky3 mozilla3 suse2 slackware1 ubuntu3 gentoo1