CVE-2025-23108

Опубликовано: 11 янв. 2025

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability affects Firefox for iOS < 134.

Ссылки

https://bugzilla.mozilla.org/show_bug.cgi?id=1933172
Issue Tracking
Permissions Required
https://www.mozilla.org/security/advisories/mfsa2025-06/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:iphone_os:*:*

Версия до 134.0 (исключая)

EPSS

Процентиль: 17%

0.00053

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-23108

CVSS3: 4.3

ubuntu

6 месяцев назад

Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability affects Firefox for iOS < 134.

CVE-2025-23108

CVSS3: 4.3

debian

6 месяцев назад

Opening Javascript links in a new tab via long-press in the Firefox iO ...

GHSA-v3v8-99w9-8c5h

CVSS3: 4.3

github

6 месяцев назад

Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability affects Firefox for iOS < 134.

EPSS

Процентиль: 17%

0.00053

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-79