CVE-2019-11723: High severity firefox vulnerability
A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different "containers" for people who use the Firefox Multi-Account Containers Web Extension.
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
Frequently Asked Questions
What is CVE-2019-11723?
CVE-2019-11723 refers to a vulnerability that exists during the installation of add-ons in Mozilla Firefox and Thunderbird, which could leak cookies in private browsing mode or across different containers.
Which software versions are affected by CVE-2019-11723?
Mozilla Firefox versions up to but excluding 68.0, Mozilla Thunderbird versions up to but excluding 68.0, openSUSE Leap 15.0, and openSUSE Leap 15.1 are affected by CVE-2019-11723.
What is the severity of CVE-2019-11723?
The severity of CVE-2019-11723 is rated as high with a severity value of 7.5.
How can I fix the vulnerability CVE-2019-11723?
To fix CVE-2019-11723, update your Mozilla Firefox or Thunderbird to version 68.0 or later, or update your openSUSE Leap 15.0 or 15.1 to the latest patches.
Where can I find more information about CVE-2019-11723?
You can find more information about CVE-2019-11723 on the Mozilla Bugzilla website and the Mozilla Security Advisories website.