CVE-2024-1563
published 2024-02-22CVE-2024-1563: An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a…
high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a timeout race condition. This vulnerability affects Focus for iOS < 122.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | — | — |
| mozilla | firefox_focus | < 122.0 | 122.0 |
| mozilla | focus_for_ios | >= unspecified < 122 | 122 |