Technical
Advisory
Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.
Vulnerability
Firefox IOS QR Code Reader XSS
Vulnerability Description
This vulnerability allows an attacker to steal victim’s cookies, personal data and other valuable information from different origins just by scanning a QR code
CVE-ID
CVE-2019-17003
Vendor
Firefox
Product
Firefox IOS
Disclosure Timeline
- 18 July 2019 reported to the vendor
- 22 October 2019 fixed released by the vendor
Credits
Nikhil Mittal