CVE-2024-43111

Summary

Long pressing on a download link could potentially allow Javascript commands to be executed within the browser This vulnerability affects Firefox for iOS < 129.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox for iOSunspecified < 129affected

Weaknesses

  • iOS Firefox allows to run javascript with download

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References