Security Advisory

CVE-2025-3029

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-01 12:28:59

Last updated 2026-04-13 14:26:00

Assigner mozilla

State PUBLISHED

Description

A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability was fixed in Firefox 137, Firefox ESR 128.9, Thunderbird 137, and Thunderbird 128.9.

← Browse all CVEs View on cve.org ↗