We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Opening Javascript links in a new tab via long-press in the Firefox iOS client could result in a malicious script spoofing the URL of the new tab. This vulnerability affects Firefox for iOS < 134.
Reserved 2025-01-10 | Published 2025-01-11 | Updated 2025-01-13 | Assigner mozillaFirefox Mobile iOS Full Address Bar Spoof Using Open in New Tab and Javascript URI
Renwa
bugzilla.mozilla.org/show_bug.cgi?id=1933172
www.mozilla.org/security/advisories/mfsa2025-06/
Support options