Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability was fixed in Firefox 142.
Spoofing issue in the Address Bar component. This vulnerability was fixed in Firefox 142 and Firefox ESR 140.2.
Spoofing issue in the Toolbar component in Firefox for Android. This vulnerability was fixed in Firefox 151.
Websites could utilize Javascript links to spoof URL addresses in the Focus navigation bar This vulnerability affects Focus for iOS < 130.
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 143 and Thunderbird 143.
Spoofing issue in the WebAuthn component in Firefox for Android. This vulnerability was fixed in Firefox 148 and Thunderbird 148.
A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longe
When redirecting to an invalid protocol scheme, an attacker could spoof the address bar.
*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*. This vuln
Spoofing issue in Firefox. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30.
When the address bar was hidden due to scrolling on Android, a malicious page could create a fake address bar to fool the user in response to a visibilitychange event. This vulnerability was fixed in
Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a m
Information disclosure due to uninitialized memory in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 148.
In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability was fixed in Firefox 141.
When using an invalid protocol scheme, an attacker could spoof the address bar.
*Note: This issue only affected Android operating systems. Other operating systems are unaffected.*
*Note: This issue i
Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151.
Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152.
Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed (distinct from CVE-2025-0245). This vulnerability was fixed in Firefo
The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been
Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
Mitigation bypass in Firefox for Android. This vulnerability was fixed in Firefox 150.
Page 1+ Next →