Primary

Context

Mozilla Firefox for iOS Full Address Bar Spoof Vulnerability via Server-Side Redirect

Vulnerability

A vulnerability in Firefox for iOS versions prior to 136 allows malicious websites to spoof the URL displayed in the address bar. This occurs through a server-side redirect to an internal error page, which can manipulate the perceived website URL.

Impact

Exploitation of this vulnerability leads to a high-severity spoofing issue, where the address bar does not accurately reflect the current website, potentially misleading users about their online location.

Remediation

Users can upgrade to Firefox for iOS version 136 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mozilla Firefox for iOS Full Address Bar Spoof Vulnerability via Server-Side Redirect

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating