CVE-2024-43112
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Published Aug 6, 2024
Updated: Aug 29, 2024
CWE ID 79
Summary
CVE-2024-43112 is a newly identified vulnerability that puts Firefox for iOS users at risk. This issue is linked to a cross-site scripting (XSS) vulnerability, which can be triggered by a prolonged press on a download link. By exploiting this weakness, an attacker could inject malicious code into the webpage, potentially gaining unauthorized access to sensitive user data or taking control of the user's session. Users of Firefox for iOS versions prior to 129 are advised to update their browsers as soon as possible to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Mozilla Firefox
Affected Vendors
- Mozilla