THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-26284

Assigner:mozilla (f16b083a-5664-49f3-a51e-8d479e5ed7fe)
Reserved:2024-02-15
Published:2024-02-22
Updated:2024-06-10

Description

Utilizing a 302 redirect, an attacker could have conducted a Universal Cross-Site Scripting (UXSS) on a victim website, if the victim had a link to the attacker's website. This vulnerability affects Focus for iOS < 123.

Problem types

UXSS exploit via 302 Redirect

Product status

Any version before 123
affected

Credits

James Lee

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1860075

https://www.mozilla.org/security/advisories/mfsa2024-10/

cve.org CVE-2024-26284

nvd.nist.gov CVE-2024-26284

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-26284