In Adblock Plus before 3.5.2, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-04-29T14:30:34

Updated: 2024-08-04T22:55:41.042Z

Reserved: 2019-04-29T00:00:00

Link: CVE-2019-11593

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-04-29T15:29:00.560

Modified: 2024-11-21T04:21:24.373

Link: CVE-2019-11593

cve-icon Redhat

No data.