← voltar
CVE-2026-8706

Sensitive user data could be leaked to other applications through Reader mode

CVSS 6.5 MEDIUMEPSS 0.2%CWE-200CWE-306
Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Produtos afetados
Mozilla · Firefox for iOS

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.mozilla.org/show_bug.cgi?id=2036618https://www.mozilla.org/security/advisories/mfsa2026-49/