Security Advisory

CVE-2025-4085

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-29 13:13:39

Last updated 2026-02-26 18:27:55

Assigner mozilla

State PUBLISHED

Description

An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability affects Firefox < 138 and Thunderbird < 138.

← Browse all CVEs View on cve.org ↗