8 matches found
CVE-2025-27425
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...
CVE-2025-27425
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...
CVE-2025-27425
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...
CVE-2025-27425
creationtimestamp| type| source ---|---|--- 2025-03-04 14:06:39+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114104546018145703 2025-03-04 15:50:36+00:00| seen| https://t.me/cvedetector/19497 2025-08-19 13:26:45+00:00| seen| MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72...
CVE-2025-27425 QR code user confirmation bypass with invalid protocol
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...
CVE-2025-27425
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...
CVE-2025-27425 QR code user confirmation bypass with invalid protocol
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...
CVE-2025-27425
Firefox for iOS before version 136 is vulnerable to QR-code URL handling where scanning text in a QR code could open the URL without a user confirmation alert. This affects Firefox for iOS builds prior to 136; Mozilla MFSA2025-13 indicates related URL-spoofing/redirect concerns. Remediation: upda...