For native-to-JS bridging the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token could leak when used for downloading files. This vulnerability affects Firefox for iOS < 26.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2020-07-09T14:44:16
Updated: 2024-08-04T11:56:51.728Z
Reserved: 2020-04-28T00:00:00
Link: CVE-2020-12404
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-07-09T15:15:10.880
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-12404
Redhat
No data.