Vulnerability CVE-2021-43544: Information
Description
When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 95.
Severity: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
firefox | sisyphus | 95.0-alt1 | 125.0.3-alt1 | ALT-PU-2021-3496-1 | 291654 | Fixed |
firefox | p10 | 95.0.1-alt1 | 118.0.2-alt0.p10.1 | ALT-PU-2021-3576-1 | 291719 | Fixed |
firefox | p9 | 105.0.1-alt0.c9.1 | 105.0.1-alt0.c9.1 | ALT-PU-2023-4339-1 | 319683 | Fixed |
firefox | c10f1 | 95.0.1-alt1 | 112.0.2-alt0.p10.1 | ALT-PU-2021-3576-1 | 291719 | Fixed |
firefox | c9f2 | 105.0.1-alt0.c9.1 | 105.0.1-alt0.c9.1 | ALT-PU-2023-1139-1 | 309126 | Fixed |
firefox-esr | p9 | 102.6.0-alt0.c9.1 | 102.11.0-alt0.c9.1 | ALT-PU-2023-4336-1 | 319683 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://www.mozilla.org/security/advisories/mfsa2021-52/ |
|
https://bugzilla.mozilla.org/show_bug.cgi?id=1739934 |
|