CVE-2021-23957

Summary

Navigations through the Android-specific intent URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox < 85.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox< 85affected

Weaknesses

  • Iframe sandbox could have been bypassed on Android via the intent URL scheme

ADP Enrichment

CVE Program Container

Additional References

References