CVE-2019-11721

Summary

The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 68affected

Weaknesses

  • Domain spoofing through unicode latin 'kra' character

ADP Enrichment

CVE Program Container

Additional References

References