Lucene search

K

Redhat.comRH:CVE-2019-11712

HistoryJan 13, 2022 - 6:46 a.m.

CVE-2019-11712

2022-01-1306:46:55

redhat.com

access.redhat.com

13

0.004 Low

EPSS

Percentile

74.2%

POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery (CSRF) attacks. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

References

nvd.nist.gov/vuln/detail/CVE-2019-11712

www.cve.org/CVERecord?id=CVE-2019-11712

www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11712

0.004 Low

EPSS

Percentile

74.2%

Related for RH:CVE-2019-11712