Primary

Context

Mozilla Focus for iOS JavaScript Link Drag-and-Drop Vulnerability Allowing XSS Execution

Vulnerability

A vulnerability exists in Mozilla Focus for iOS versions prior to 142, where dragging JavaScript links to the URL bar could execute malicious scripts. This behavior could be exploited to perform cross-site scripting (XSS) attacks.

Impact

Exploitation of this vulnerability could lead to cross-site scripting (XSS) attacks.

Remediation

Users can update to Mozilla Focus for iOS version 142 to address this vulnerability.

Added: Aug 19, 2025, 9:31 PM

Updated: Aug 19, 2025, 9:31 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

6.4

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.7

exploitability

6.4

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mozilla Focus for iOS JavaScript Link Drag-and-Drop Vulnerability Allowing XSS Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating