Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS < 141.
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
Link | Tags |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1912671 | issue tracking permissions required |
https://www.mozilla.org/security/advisories/mfsa2025-60/ | vendor advisory |