Description
Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks. This vulnerability was fixed in Firefox for iOS 142.
Published: 2025-08-19
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Potential for XSS when content displayed inline instead of downloaded
Action: Apply Patch
AI Analysis

Impact

Firefox for iOS fails to honour a Content-Disposition header of type attachment for certain MIME types, causing the content to be rendered inline rather than downloaded. This behavior can enable cross‑site scripting attacks because malicious scripts embedded in the content are executed in the browser context. The weakness is classified as CWE‑640, reflecting improper handling of a security‑critical header setting.

Affected Systems

Mozilla Firefox for iOS. Versions prior to 142 are affected, as the fix was introduced in Firefox for iOS 142.

Risk and Exploitability

The CVSS score of 6.1 indicates a moderate severity flaw. The EPSS score of less than 1% suggests that the likelihood of exploitation is low at the time of this analysis. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires an attacker to deliver content that the browser will render inline; a user must interact with or view the manipulated content, which makes the attack vector user‑dependent rather than purely remote.

Generated by OpenCVE AI on April 20, 2026 at 16:46 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Mozilla Firefox for iOS to version 142 or later, which contains the patch that enforces the Content‑Disposition header.
  • Verify that the browser no longer renders attachment MIME types inline by testing with a known attachment response.
  • If an immediate upgrade is not possible, monitor for XSS attempts and consider disabling inline rendering of content that should be downloaded on the device.

Generated by OpenCVE AI on April 20, 2026 at 16:46 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-25227 Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS < 142.
History

Mon, 13 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
Description Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS < 142. Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks. This vulnerability was fixed in Firefox for iOS 142.

Thu, 30 Oct 2025 16:30:00 +0000

Type Values Removed Values Added
Title Content-Disposition headers incorrectly ignored for some MIME types

Thu, 21 Aug 2025 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Mozilla firefox
CPEs cpe:2.3:a:mozilla:firefox:*:*:*:*:*:iphone_os:*:*
Vendors & Products Mozilla firefox

Thu, 21 Aug 2025 12:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios
Mozilla
Mozilla firefox For Ios
Vendors & Products Apple
Apple ios
Mozilla
Mozilla firefox For Ios

Wed, 20 Aug 2025 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-640
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 19 Aug 2025 21:00:00 +0000

Type Values Removed Values Added
Description Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS < 142.
References

Subscriptions

Apple Ios
Mozilla Firefox Firefox For Ios
cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T14:31:50.247Z

Reserved: 2025-08-05T13:26:34.686Z

Link: CVE-2025-55030

cve-icon Vulnrichment

Updated: 2025-08-20T14:02:15.650Z

cve-icon NVD

Status : Modified

Published: 2025-08-19T21:15:28.210

Modified: 2026-04-13T15:17:02.667

Link: CVE-2025-55030

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T17:00:12Z

Weaknesses