CVE-2019-11594

Severity CVSS v4.0:
Pending analysis
Type:
CWE-94 Code Injection
Publication date:
29/04/2019
Last modified:
24/08/2020

Description

In AdBlock before 3.45.0, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:getadblock:adblock:*:*:*:*:*:chrome:*:* 3.45.0 (excluding)