CVE-2019-11595

Severity CVSS v4.0:
Pending analysis
Type:
CWE-20 Input Validation
Publication date:
29/04/2019
Last modified:
27/09/2021

Description

In uBlock before 0.9.5.15, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:ublockorigin:ublock_origin:*:*:*:*:*:*:*:* 0.9.5.15 (excluding)