CVE-2025-54144
Internal Firefox open-text URL scheme allowed loading of arbitrary URLs
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.4EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
19 ago 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. This vulnerability was fixed in Firefox for iOS 141.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Productos afectados
Mozilla · Firefox for iOS¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →