CVE-2025-11717Sensitive Information Exposure in Mozilla Firefox

CWE-200Sensitive Information Exposure6 documents6 sources
Severity
9.1CRITICALNVD
EPSS
0.0%
top 86.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedOct 14

Description

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability was fixed in Firefox 144.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages1 packages

NVDmozilla/firefox< 144.0

🔴Vulnerability Details

3
OSV
CVE-2025-11717: When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last2025-10-14
CVEList
The password edit screen was not hidden in Android card view2025-10-14
GHSA
GHSA-53qc-r462-795h: When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last2025-10-14

📋Vendor Advisories

2
Debian
CVE-2025-11717: firefox - When switching between Android apps using the card carousel Firefox shows a blac...2025
Mozilla
Mozilla Foundation Security Advisory 2025-81: CVE-2025-11717
CVE-2025-11717 — Sensitive Information Exposure | cvebase