CVE-2022-31746

Summary

Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability affects Firefox for iOS < 102.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox for iOSunspecified < 102affected

Weaknesses

  • Privileged internal URL protection could be bypassed through referrer header.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References