CVE-2025-27426
published 2025-03-04CVE-2025-27426: Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL. This vulnerability was fixed in Firefox…
medium5.4CVSS 3.1
AVNACLPRNUIRSUCLILAN
Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL. This vulnerability was fixed in Firefox for iOS 136.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | — | — |
| mozilla | firefox | < 136.0 | 136.0 |
| mozilla | firefox | — | — |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
osv5.4MEDIUM
Debian
CVE-2025-27426: firefox - Malicious websites utilizing a server-side redirect to an internal error page co...
vendor_debian·2025·CVSS 5.4
CVE-2025-27426 [MEDIUM] CVE-2025-27426: firefox - Malicious websites utilizing a server-side redirect to an internal error page co...
Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL This vulnerability affects Firefox for iOS < 136.
Scope: local
sid: resolved
Mozilla
Mozilla Foundation Security Advisory 2025-13: CVE-2025-27426
vendor_mozilla·CVSS 5.4
CVE-2025-27426 [MEDIUM] Mozilla Foundation Security Advisory 2025-13: CVE-2025-27426
Mozilla Foundation Security Advisory 2025-13
CVE: CVE-2025-27426
Product: Firefox for iOS
Impact: low
Fixed in: Firefox for iOS 136
OSV
CVE-2025-27426: Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL This vulnerability affects Firefox
osv·2025-03-04·CVSS 5.4
CVE-2025-27426 [MEDIUM] CVE-2025-27426: Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL This vulnerability affects Firefox
Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL This vulnerability affects Firefox for iOS < 136.
GHSA
GHSA-57gw-hcmr-f4g2: Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL This vulnerability affects Firefox
ghsa_unreviewed·2025-03-04
CVE-2025-27426 [MEDIUM] CWE-601 GHSA-57gw-hcmr-f4g2: Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL This vulnerability affects Firefox
Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL This vulnerability affects Firefox for iOS < 136.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-03-04
Published