109 matches found
CVE-2022-31746
Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...
Spoofing
Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...
CVE-2022-31746
Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...
CVE-2022-1887
The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS 101...
CVE-2022-31746
Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...
CVE-2022-1887
The search term could have been specified externally to trigger SQL injection. This vulnerability affects Firefox for iOS 101...
CVE-2022-31746
CVE-2022-31746 affects Firefox for iOS (versions prior to 102). The issue stems from a leaked secret UUID key via the Referrer header, which could allow an attacker to bypass internal URL protections and disclose protected information. The NVD/connected sources list an impact on integrity with a ...
CVE-2022-31746
Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS 102...
CVE-2021-29958
When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability affects Firefox for iOS 34...
CVE-2021-29958
When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability affects Firefox for iOS 34...
CVE-2021-29958
When a download was initiated, the client did not check whether it was in normal or private browsing mode, which led to private mode cookies being shared in normal browsing mode. This vulnerability affects Firefox for iOS 34...
github firefox-ios 信息泄露漏洞
github firefox-ios is a github open source application. Firefox for iOS is provided. An information disclosure vulnerability exists in github firefox-ios, which stems from the application outputting too much data during private browsing. When a client initiates a download, it does not check wheth...
CVE-2020-15651
A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS 28...
CVE-2020-15662
A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS 28...
CVE-2020-15661
A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS 28...
CVE-2020-15662
A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS 28...
Privilege escalation
A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS 28...
Design/Logic Flaw
A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS 28...
Design/Logic Flaw
A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS 28...
CVE-2020-15661
A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS 28...