0.006 Low
EPSS
Percentile
79.3%
The unicode latin ‘kra’ character can be used to spoof a standard ‘k’ character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68.
bugzilla.redhat.com/show_bug.cgi?id=1730984
nvd.nist.gov/vuln/detail/CVE-2019-11721
www.cve.org/CVERecord?id=CVE-2019-11721
www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11721