Launchpad.net

CVE 2019-11721

The unicode latin 'kra' character can be used to spoof a standard 'k' character in the addressbar. This allows for domain spoofing attacks as do not display as punycode text, allowing for user confusion. This vulnerability affects Firefox < 68.

See the CVE page on Mitre.org for more details.