Primary

Context

Mozilla Firefox for iOS Spoofing Vulnerability via Scripted Navigation

Vulnerability

A vulnerability in Firefox for iOS versions prior to 147.4 allows malicious scripts to create a desynchronization between the address bar and web content. This issue can lead to attacker-controlled pages being displayed under misleading domains. The vulnerability arises from the way Firefox for iOS handles scripted navigation, potentially allowing for phishing or other deceptive practices.

Impact

Exploitation of this vulnerability could result in spoofing attacks, where users are led to believe they are on a trusted site when they are not.

Remediation

Users can upgrade to Firefox for iOS version 147.4 or later to address this vulnerability.

Added: Feb 24, 2026, 2:59 PM

Updated: Feb 24, 2026, 2:59 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.2

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

6.2

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mozilla Firefox for iOS Spoofing Vulnerability via Scripted Navigation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating