CVE-2019-12592

A universal Cross-site scripting (UXSS) vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows remote attackers to run arbitrary web script or HTML in the context of any loaded 3rd-party IFrame.
Configurations

Configuration 1 (hide)

cpe:2.3:a:evernote:web_clipper:*:*:*:*:*:chrome:*:*

History

No history.

Information

Published : 2019-06-18 21:15

Updated : 2024-02-28 17:08


NVD link : CVE-2019-12592

Mitre link : CVE-2019-12592

CVE.ORG link : CVE-2019-12592


JSON object : View

Products Affected

evernote

  • web_clipper
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')