VDB

CISA-2023-29540

CISA-2023-29540 PUBLISHED

Reported by mozilla · Published June 2, 2023

Using a redirect embedded into <code>sourceMappingUrls</code> could allow for navigation to external protocol links in sandboxed iframes without <code>allow-top-navigation-to-custom-protocols</code>. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Affected Products

VendorProductVersions
MozillaFirefox for Androidunspecified
MozillaFirefoxunspecified
MozillaFocus for Androidunspecified
MozillaFirefox for Androidunspecified, *
MozillaFirefox*, unspecified
MozillaFocus for Androidunspecified, unspecified

Timeline

  • Jun 2, 2023 CVE Published
  • Jan 9, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›