Security Advisory

CVE-2025-6428

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-24 12:28:02

Last updated 2026-04-13 14:31:03

Assigner mozilla

State PUBLISHED

Description

When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*. This vulnerability was fixed in Firefox 140.

← Browse all CVEs View on cve.org ↗