2020-08-10 17:43:24
mozilla
PUBLISHED
A unicode RTL order character in the downloaded file name can be used to change the files name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28.