CVE-2024-43112

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Aug 6, 2024

Updated: Aug 29, 2024

CWE ID 79

Summary

CVE-2024-43112 is a newly identified vulnerability that puts Firefox for iOS users at risk. This issue is linked to a cross-site scripting (XSS) vulnerability, which can be triggered by a prolonged press on a download link. By exploiting this weakness, an attacker could inject malicious code into the webpage, potentially gaining unauthorized access to sensitive user data or taking control of the user's session. Users of Firefox for iOS versions prior to 129 are advised to update their browsers as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mozilla Firefox

Affected Vendors

Mozilla

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xhywGe
https://www.cve.org/CVERecord?id=CVE-2024-43112
https://nvd.nist.gov/vuln/detail/CVE-2024-43112

Back to Vulnerability Database