CVE-2019-11701
EUVD-2019-337123.07.2019, 14:15
The default webcal: protocol handler will load a web site vulnerable to cross-site scripting (XSS) attacks. This default was left in place as a legacy feature and has now been removed. *Note: this issue only affects users with an account on the vulnerable service. Other users are unaffected.*. This vulnerability affects Firefox < 67.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 𝑥 < 67.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||||||||||||||||||||||
| mozjs38 |
| ||||||||||||||||||||||||||||||
| mozjs52 |
| ||||||||||||||||||||||||||||||
| mozjs60 |
|