Mozilla Firefox for Android Link Parameter Navigation Vulnerability

Vulnerability

In Firefox for Android versions prior to 140, a URL specified in a link query string parameter is followed automatically, rather than the browser opening the intended domain. This behavior could be exploited for phishing attacks, as the browser would navigate to potentially malicious sites instead of the expected ones. The issue does not affect other versions of Firefox.

Impact

Exploitation of this vulnerability could lead to phishing attacks, with the browser being tricked into following a malicious link instead of the intended one.

Reproduction

The vulnerability can be reproduced by navigating to a webpage that contains a link query parameter with a URL value. After dismissing any cookie policies, tapping on a price or website link will demonstrate the issue, as Firefox for Android will not open the link as expected. This problem occurs regardless of the Enhanced Tracking Protection status and has been confirmed in both the release and nightly versions of Firefox for Android.

Remediation

Users can update to Firefox for Android version 140 or later, where this vulnerability has been fixed.
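For fleets that cannot update at once, the following added example (not part of the advisory or of any Mozilla code) triages web proxy records for requests that match the conditions described above: a Firefox for Android user agent below version 140 and a request URL whose link parameter carries an absolute URL on a different host. It assumes the parameter is literally named "link", that records are available as (user agent, URL) pairs, and that the sample records are constructed; a match is a candidate for review, not proof of a phishing attempt.

```python
import re
from urllib.parse import parse_qs, urlsplit

FIXED_MAJOR = 140   # first fixed Firefox for Android version, per the advisory
PARAM = "link"      # assumption: the parameter is literally named "link"
# Firefox for Android user agents have the form
# "Mozilla/5.0 (Android 14; Mobile; rv:139.0) Gecko/139.0 Firefox/139.0".
UA_RE = re.compile(r"\(Android[^)]*\).*\bFirefox/(\d+)")

def affected_browser(user_agent):
    """True for Firefox for Android with a major version below 140."""
    m = UA_RE.search(user_agent)
    return bool(m) and int(m.group(1)) < FIXED_MAJOR

def cross_host_link_targets(url, param=PARAM):
    """Return absolute http(s) URLs in `param` that point at another host."""
    outer = urlsplit(url)
    hits = []
    for value in parse_qs(outer.query).get(param, []):  # values are URL-decoded
        inner = urlsplit(value)
        is_web = inner.scheme in ("http", "https") and inner.hostname
        if is_web and inner.hostname != outer.hostname:
            hits.append(value)
    return hits

def triage(records):
    """records: iterable of (user_agent, url); yield the ones worth reviewing."""
    for user_agent, url in records:
        targets = cross_host_link_targets(url)
        if targets and affected_browser(user_agent):
            yield url, targets

# Constructed sample records, not real traffic.
OLD = "Mozilla/5.0 (Android 14; Mobile; rv:139.0) Gecko/139.0 Firefox/139.0"
NEW = "Mozilla/5.0 (Android 14; Mobile; rv:140.0) Gecko/140.0 Firefox/140.0"
DESKTOP = "Mozilla/5.0 (X11; Linux x86_64; rv:139.0) Gecko/20100101 Firefox/139.0"
SAMPLE = [
    (OLD, "https://shop.example/out?id=7&link=https%3A%2F%2Fother.example%2Flogin"),
    (NEW, "https://shop.example/out?link=https%3A%2F%2Fother.example%2Flogin"),
    (OLD, "https://shop.example/out?link=%2Fprices"),  # relative target, same site
    (DESKTOP, "https://shop.example/out?link=https%3A%2F%2Fother.example%2F"),
]

if __name__ == "__main__":
    for url, targets in triage(SAMPLE):
        print(url, "->", targets)
```

Only the first sample record is reported: the second comes from a fixed version, the third stays on the same site, and the fourth is desktop Firefox, which the advisory says is not affected.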

Added: Jun 24, 2025, 1:22 PM
Updated: Jun 24, 2025, 1:22 PM

Vulnerability Rating

Custom Algorithm
spread: 8.4
impact: 0.6
exploitability: 5.8
remediation: 7.7
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.