Mozilla Firefox for iOS QR Code User Confirmation Bypass Vulnerability
Vulnerability
A vulnerability in Firefox for iOS versions prior to 136 allows certain QR codes containing website URLs to be opened without first displaying a confirmation alert to the user. This could lead to unintended navigation to potentially malicious sites.
Impact
Exploitation of this vulnerability could result in unintentional navigation to a website, bypassing the usual user confirmation process.
Remediation
Users can update to Firefox for iOS version 136 to address this vulnerability.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
0.6exploitability
6.4remediation
7.7relevance
0.0threat
0.0urgency
2.9incentive
0.8Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.