Lucene search

K
prionPRIOn knowledge basePRION:CVE-2019-17016
HistoryJan 08, 2020 - 10:15 p.m.

Design/Logic Flaw

2020-01-0822:15:00
PRIOn knowledge base
www.prio-n.com
9

AI Score

6.5

Confidence

High

EPSS

0.003

Percentile

70.1%

When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

References