Information disclosure vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird - CVE-2019-11698ID: oval:org.secpod.oval:def:55000 | Date: (C)2019-05-23 (M)2023-11-19 |
Class: VULNERABILITY | Family: macos |
Mozilla Firefox 67, Mozilla Firefox ESR 60.7 and Mozilla Thunderbird 60.7: If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop
event data. This allows for the theft of browser history by a malicious site.
Platform: |
Apple Mac OS 14 |
Apple Mac OS 13 |
Apple Mac OS 12 |
Apple Mac OS 11 |
Apple Mac OS X 10.15 |
Apple Mac OS X 10.9 |
Apple Mac OS X 10.10 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.14 |
Product: |
Mozilla Firefox |
Mozilla Firefox ESR |
Mozilla Thunderbird |