CVE-2026-2032
Interrupted page loads in new tabs could allow website spoofing under trusted domains in Firefox iOS
Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability was fixed in Firefox for iOS 147.2.1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Affected products
Mozilla · Firefox for iOSWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →