Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a malicious site to appear to have the same URL as the trusted site.
*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 130.0.1.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Sep 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 17 Sep 2024 12:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a malicious site to appear to have the same URL as the trusted site. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 130.0.1. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mozilla
Published: 2024-09-17T12:21:22.840Z
Updated: 2024-09-17T18:16:26.458Z
Reserved: 2024-09-16T16:23:51.382Z
Link: CVE-2024-8897
Vulnrichment
Updated: 2024-09-17T18:16:21.508Z
NVD
Status : Awaiting Analysis
Published: 2024-09-17T13:15:04.423
Modified: 2024-09-20T12:30:51.220
Link: CVE-2024-8897
Redhat
No data.