CVE-2019-11724 - log back

CVE-2019-11724 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ Application permissions in Firefox before 68.0 give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another site. This additional permission is unnecessary and is a potential vector for malicious attacks.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11724
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1512511
Notes