When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95.
References
Link | Resource |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1739934 | Issue Tracking Permissions Required |
https://www.mozilla.org/security/advisories/mfsa2021-52/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mozilla
Published: 2021-12-08T21:19:31
Updated: 2021-12-08T21:19:31
Reserved: 2021-11-08T00:00:00
Link: CVE-2021-43544
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-08T22:15:09.997
Modified: 2021-12-10T13:33:02.133
Link: CVE-2021-43544
JSON object: View
Redhat Information
No data.
CWE