We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-8897



Description

Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. This can lead to a malicious site to appear to have the same URL as the trusted site. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 130.0.1.

Reserved 2024-09-16 | Published 2024-09-17 | Updated 2024-09-17 | Assigner mozilla

Problem types

Address bar spoofing after server-side redirect

Product status

Any version before 130.0.1
affected

Credits

Thomas Orlita

References

bugzilla.mozilla.org/show_bug.cgi?id=1862537

www.mozilla.org/security/advisories/mfsa2024-45/

cve.org (CVE-2024-8897)

nvd.nist.gov (CVE-2024-8897)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-8897

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.

© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.