2025-10-14 12:27:36
mozilla
PUBLISHED
Links in a sandboxed iframe could open an external app on Android without the required "allow-" permission. This vulnerability affects Firefox < 144 and Thunderbird < 144.