Technical
Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

...
...

Vulnerability

Firefox IOS QR Code Reader XSS

Vulnerability Description

This vulnerability allows an attacker to steal victim’s cookies, personal data and other valuable information from different origins just by scanning a QR code

CVE-ID

CVE-2019-17003

Vendor

Firefox

Product

Firefox IOS

Disclosure Timeline

  1. 18 July 2019 reported to the vendor
  2. 22 October 2019 fixed released by the vendor

Credits

Nikhil Mittal