Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS < 139.
The product uses a handler for a custom URL scheme, but it does not properly restrict which actors can invoke the handler using the scheme.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 139.0 (excluding) |
Firefox | Ubuntu | focal | * |
Thunderbird | Ubuntu | focal | * |