An issue has been found in Firefox before 70.0 and Thunderbird before 68.2, where failure to correctly handle null bytes when processing HTML entities resulted in incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters, enabling the use of entities to mask the actual characters of interest from filters.
|26 Oct 2019||ASA-201910-16||AVG-1055||firefox||Critical||multiple issues|
|26 Oct 2019||ASA-201910-15||AVG-1054||thunderbird||Critical||multiple issues|
https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11763 https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11763 https://bugzilla.mozilla.org/show_bug.cgi?id=1584216