Vulnerability Details CVE-2024-26281
Upon scanning a JavaScript URI with the QR code scanner, an attacker could have executed unauthorized scripts on the current top origin sites in the URL bar. This vulnerability affects Firefox for iOS < 123.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.2%
CVSS Severity
CVSS v3 Score 4.7
References
Products affected by CVE-2024-26281
-
cpe:2.3:a:mozilla:firefox:-
-
cpe:2.3:a:mozilla:firefox:102.0
-
cpe:2.3:a:mozilla:firefox:119.0
-
cpe:2.3:a:mozilla:firefox:120.0
-
cpe:2.3:a:mozilla:firefox:14.0
-
cpe:2.3:a:mozilla:firefox:15.0
-
cpe:2.3:a:mozilla:firefox:15.1
-
cpe:2.3:a:mozilla:firefox:16.0
-
cpe:2.3:a:mozilla:firefox:16.1
-
cpe:2.3:a:mozilla:firefox:16.2
-
cpe:2.3:a:mozilla:firefox:17.0
-
cpe:2.3:a:mozilla:firefox:17.1
-
cpe:2.3:a:mozilla:firefox:17.2
-
cpe:2.3:a:mozilla:firefox:17.3
-
cpe:2.3:a:mozilla:firefox:18.0
-
cpe:2.3:a:mozilla:firefox:18.1
-
cpe:2.3:a:mozilla:firefox:18.2
-
cpe:2.3:a:mozilla:firefox:19.0
-
cpe:2.3:a:mozilla:firefox:19.1
-
cpe:2.3:a:mozilla:firefox:20.0
-
cpe:2.3:a:mozilla:firefox:20.1
-
cpe:2.3:a:mozilla:firefox:20.2
-
cpe:2.3:a:mozilla:firefox:21.0
-
cpe:2.3:a:mozilla:firefox:22.0
-
cpe:2.3:a:mozilla:firefox:23.0
-
cpe:2.3:a:mozilla:firefox:24.0
-
cpe:2.3:a:mozilla:firefox:24.1
-
cpe:2.3:a:mozilla:firefox:25.0
-
cpe:2.3:a:mozilla:firefox:25.1
-
cpe:2.3:a:mozilla:firefox:26.0
-
cpe:2.3:a:mozilla:firefox:27.0
-
cpe:2.3:a:mozilla:firefox:28.0