CVE-2019-17022
MEDIUMFirefox < 72.0 and Firefox ESR < 68.4 - Cross-Site Scripting via Style Tag Pasting
Title source: llmDescription
When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
References (25)
Core 25
Core References
Permissions Required x_refsource_misc
https://bugzilla.mozilla.org/show_bug.cgi?id=1602843
Vendor Advisory x_refsource_confirm
https://www.mozilla.org/security/advisories/mfsa2020-01/
Vendor Advisory x_refsource_confirm
https://www.mozilla.org/security/advisories/mfsa2020-02/
Mailing List, Third Party Advisory mailing-list
x_refsource_bugtraq
https://seclists.org/bugtraq/2020/Jan/12
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/01/msg00005.html
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2020/dsa-4600
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4234-1/
Mailing List, Third Party Advisory mailing-list
x_refsource_bugtraq
https://seclists.org/bugtraq/2020/Jan/18
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0085
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0086
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/155912/Slackware-Security-Advisory-mozilla-thunderbird-Updates.html
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0111
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0120
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0123
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0127
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4241-1/
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2020/dsa-4603
Mailing List mailing-list
x_refsource_bugtraq
https://seclists.org/bugtraq/2020/Jan/26
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/01/msg00016.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00043.html
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0292
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0295
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/202003-02
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4335-1/
Scores
CVSS v3
6.1
EPSS
0.0392
EPSS Percentile
88.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (17)
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
18.04
canonical/ubuntu_linux
19.04
canonical/ubuntu_linux
19.10
debian/debian_linux
8.0
debian/debian_linux
9.0
debian/debian_linux
10.0
mozilla/firefox
< 72.0
mozilla/firefox_esr
< 68.4
redhat/enterprise_linux_desktop
6.0
... and 7 more
Published
Jan 08, 2020
Tracked Since
Feb 18, 2026