Description
When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks.
*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability was fixed in Firefox 140.
Published: 2025-06-24
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Phishing due to unintended URL navigation
Action: Patch
AI Analysis

Impact

Firefox for Android mistakenly follows a URL supplied in a link’s query‑string parameter instead of the intended hyperlink target. This defect enables an attacker to redirect users to malicious sites by embedding a crafted parameter in a legitimate page link, thereby facilitating phishing attacks. The weakness is specifically a type of malicious open‐redirect or link‐validation flaw as identified by CWE‑601.

Affected Systems

The vulnerability exists solely in Firefox for Android. No other Firefox releases are affected. The defect could affect any Android device running a version of Firefox older than the patched release, regardless of the underlying Android OS version.

Risk and Exploitability

The CVSS score of 4.3 indicates a medium impact level, and the EPSS score of less than 1% suggests a very low likelihood of current exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Attackers would likely need to control or influence the query‑string contents of a link that a user clicks within Firefox, which could occur through malicious HTML or web content. Given the low EPSS, the risk is modest but still noteworthy for users who visit untrusted sites.

Generated by OpenCVE AI on April 20, 2026 at 16:58 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Firefox to the latest version, which includes the fix released in version 140.
  • If no upgrade is immediately available, disable automatic navigation from query parameters in the browser’s advanced settings or use a content filtering extension that blocks suspicious redirects.
  • Verify that all installed applications on the device enforce secure link handling and avoid installing untrusted add‑ons or applications that may inject or alter URLs.

Generated by OpenCVE AI on April 20, 2026 at 16:58 UTC.

Tracking


Advisories
Source: EUVD
ID: EUVD-2025-28735
Title: When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.
History

Mon, 13 Apr 2026 15:00:00 +0000

Type: Description
Values Removed: When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.
Values Added: When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*. This vulnerability was fixed in Firefox 140.

Thu, 30 Oct 2025 16:30:00 +0000

Type: Title
Values Removed: firefox: Firefox for Android opened URLs specified in a link querystring parameter
Values Added: Firefox for Android opened URLs specified in a link querystring parameter

Thu, 03 Jul 2025 17:00:00 +0000

Type: First Time appeared
Values Added: Google; Google android; Mozilla; Mozilla firefox

Type: CPEs
Values Added: cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*; cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added: Google; Google android; Mozilla; Mozilla firefox

Thu, 26 Jun 2025 00:30:00 +0000

Type: Title
Values Added: firefox: Firefox for Android opened URLs specified in a link querystring parameter

Type: References

Type: Metrics
Values Removed: threat_severity: None
Values Added: threat_severity: Moderate


Wed, 25 Jun 2025 15:15:00 +0000

Type: Weaknesses
Values Added: CWE-601

Type: Metrics
Values Added: cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N'}
Values Added: ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 24 Jun 2025 12:45:00 +0000

Type: Description
Values Added: When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 140.

Type: References

MITRE

Status: PUBLISHED

Assigner: mozilla

Published:

Updated: 2026-04-13T14:31:03.707Z

Reserved: 2025-06-20T14:51:33.064Z

Link: CVE-2025-6428

Vulnrichment

Updated: 2025-06-25T14:20:49.699Z

NVD

Status: Modified

Published: 2025-06-24T13:15:23.770

Modified: 2026-04-13T15:17:06.867

Link: CVE-2025-6428

Redhat

Severity: Moderate

Public Date: 2025-06-24T12:28:02Z

Links: CVE-2025-6428 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-20T17:00:12Z

Weaknesses