The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar in Firefox before 68.0. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion.
The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar in Firefox before 68.0. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion.
https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11721 https://bugzilla.mozilla.org/show_bug.cgi?id=1256009