CVE-2025-5020

MEDIUM Year: 2025
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-939
View all →

Vulnerability Description

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox iOS client This vulnerability affects Firefox for iOS < 139.

Related Vulnerabilities

CVE-2024-35298

MEDIUM
CVSS:4.3(Medium)

Improper authorization in handler for custom URL scheme issue in 'ZOZOTOWN' App for Android versions prior to 7.39.6 allows an attacker to lead a user to access an arbitrary website via another applic...

CWE-9392024

CVE-2024-45203

MEDIUM
CVSS:4.3(Medium)

Improper authorization in handler for custom URL scheme issue in "@cosme" App for Android versions prior 5.69.0 and "@cosme" App for iOS versions prior to 6.74.0 allows an attacker to lead a user to a...

CWE-9392024

CVE-2024-54014

LOW
CVSS:3.6(Low)

Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead the application to...

CWE-9392024

CVE-2022-20736

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an ...

CWE-9392022

CVE-2024-54125

LOW
CVSS:3.3(Low)

Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead a user to access an arbitrary website via the vulnera...

CWE-9392024

CVE-2023-43582

HIGH
CVSS:8.8(High)

Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.

CWE-9392023