CVE-2019-11715: XSS

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-11715.

Q: Which software versions are affected by this vulnerability?

This vulnerability affects Firefox ESR versions prior to 60.8, Firefox versions prior to 68, and Thunderbird versions prior to 60.8.

Q: What is the severity of CVE-2019-11715?

CVE-2019-11715 has a severity score of 6.1 (medium severity).

Q: How can this vulnerability be exploited?

This vulnerability can be exploited by misinterpreting properly sanitized user input, leading to XSS hazards on certain websites.

Q: How do I fix CVE-2019-11715?

To fix CVE-2019-11715, you should update Firefox ESR to version 60.8 or later, Firefox to version 68 or later, or Thunderbird to version 60.8 or later.

Published Jul 9, 2019

Updated

Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances.

Affected Software

8 affected componentsFixes available

Mozilla Thunderbird<60.8

60.8

Mozilla Thunderbird<68

Mozilla Firefox<68.0

Mozilla Firefox ESR<60.8.0

Mozilla Thunderbird<60.8.0

Mozilla Firefox<68

Mozilla Firefox ESR<60.8

60.8

Mozilla Firefox<60.8.0

Event History

Jul 9, 2019

CVE Published

via Mozilla·12:00 AM

Jul 23, 2019

CVE Published

via MITRE·01:18 PM

Data Sourced

via MITRE·01:18 PM

DescriptionWeakness

Data Sourced

via NVD·02:15 PM

DescriptionSeverityWeaknessAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-11715.

Which software versions are affected by this vulnerability?

This vulnerability affects Firefox ESR versions prior to 60.8, Firefox versions prior to 68, and Thunderbird versions prior to 60.8.

What is the severity of CVE-2019-11715?