← volver
CVE-2025-3859

Firefox Focus elide URL allows address bar spoofing

CVSS 4.3 MEDIUMEPSS 0.2%CWE-451
Websites directing users to long URLs that caused eliding to occur in the location view could leverage the truncating behavior to potentially trick users into thinking they were on a different webpage. This vulnerability was fixed in Focus 138.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Productos afectados
Mozilla · Focus

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.mozilla.org/show_bug.cgi?id=1951533https://www.mozilla.org/security/advisories/mfsa2025-33/