Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An attacker could execute unauthorized script on a legitimate site through UXSS using window.open() by opening a javascript URI leading to unauthorized actions within the user's loaded webpage. This vulnerability affects Focus for iOS < 122.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Focus 安全漏洞
Vulnerability Description
Mozilla Focus是美国Mozilla基金会的一个供iOS设备专用的浏览器。 Mozilla Focus 122之前版本存在安全漏洞,该漏洞源于允许攻击者通过 UXSS 使用 window.open() 打开 javascript URI,在合法站点上执行未经授权的脚本,从而导致在用户加载的网页中执行未经授权的操作。
CVSS Information
N/A
Vulnerability Type
N/A