Primary

Context

Mozilla Firefox and Firefox ESR Address Bar Spoofing Vulnerability

Vulnerability

Patched

A spoofing vulnerability has been identified in the Address Bar component of Firefox versions prior to 142 and Firefox ESR versions prior to 140.2. This issue allows for deceptive representation in the address bar, potentially leading to user confusion or misrepresentation of the actual website being visited.

Impact

Exploitation of this vulnerability could lead to spoofing, where a user is misled about the identity of a website or resource.

Remediation

Users can upgrade to Firefox 142 or Firefox ESR 140.2 to address this vulnerability.

Added: Aug 19, 2025, 9:21 PM

Updated: Aug 19, 2025, 9:21 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.4

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.4

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mozilla Firefox and Firefox ESR Address Bar Spoofing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Mozilla Firefox

Mozilla Firefox ESR

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating