2025-08-19 20:52:46
mozilla
PUBLISHED
Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability affects Firefox < 141.