CVE-2019-11701 log

Source
Severity Low
Remote Yes
Type Cross-site scripting
Description
The default webcal: protocol handler in Firefox before 67.0 will load a web site vulnerable to cross-site scripting (XSS) attacks. This default was left in place as a legacy feature and has now been removed.
Group Package Affected Fixed Severity Status Ticket
AVG-966 firefox 66.0.5-1 67.0-1 Critical Fixed
Date Advisory Group Package Severity Description
23 May 2019 ASA-201905-9 AVG-966 firefox Critical multiple issues
References
https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11701
https://bugzilla.mozilla.org/show_bug.cgi?id=1518627