Описание
Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects Focus for iOS < 132.
Ссылки
- Issue TrackingPermissions Required
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 132.0 (исключая)
cpe:2.3:a:mozilla:firefox_focus:*:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 53%
0.00297
Низкий
6.5 Medium
CVSS3
9.1 Critical
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-287
Связанные уязвимости
CVSS3: 6.5
debian
больше 1 года назад
Focus was incorrectly allowing internal links to utilize the app schem ...
CVSS3: 9.1
github
больше 1 года назад
Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking, which could result in links potentially circumventing some URL safety checks This vulnerability affects Focus for iOS < 132.
EPSS
Процентиль: 53%
0.00297
Низкий
6.5 Medium
CVSS3
9.1 Critical
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-287