Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number. On certain phones, or on certain carriers, if the number was dialed this could perform actions on a user's account, similar to a cross-site request forgery attack.<br>*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 97.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox 安全漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 中存在安全漏洞,该漏洞源于产品对tel:link的处理方式存在错误。攻击者可将特殊字符放在电话号码中,当用户触发该动作时迫使受害者拨打电话。 以下产品及版本受到影响:Mozilla Firefox 70.0 至 96.0.3 版本,Firefox ESR 78.0 至 91.5.1 版本。
CVSS Information
N/A
Vulnerability Type
N/A