CVE-2025-54143
Sandboxed iframes could allow local downloads despite sandbox restrictions
Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Mozilla · Firefox for iOSWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →