Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins. This could be used to gain fullscreen access for UI spoofing and could also lead to cross-origin attacks on targeted websites. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox 安全漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Firefox for Android 存在安全漏洞,该漏洞源于当从其他已安装的应用程序接受恶意意图时,Firefox for Android接受来自任意文件路径的清单,并允许声明其他来源的webapp清单。 这可能被用来获得UI欺骗的全屏访问,还可能导致针对目标网站的跨域攻击。
CVSS Information
N/A
Vulnerability Type
N/A