Open Redirect Vulnerability in Firefox for Android
CVE-2024-8897

6.1MEDIUM

Key Information:

Vendor: Mozilla
Status: Firefox For Android
Vendor: CVE Published:; 17 September 2024

What is CVE-2024-8897?

An open redirect vulnerability in Firefox for Android allows attackers to exploit the redirect functionality of trusted websites. This leads to the potential spoofing of the browser's address bar, making it difficult for users to discern whether they are on a legitimate site or a malicious one. Attackers could redirect users to fraudulent websites that mimic trusted addresses, thereby increasing the risk of phishing attacks and unauthorized data acquisition. This issue specifically affects versions of Firefox for Android prior to 130.0.1, highlighting the importance of timely updates and awareness of security practices to mitigate such risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Firefox for Android < 130.0.1

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1862537

https://www.mozilla.org/security/advisories/mfsa2024-45/

EPSS Score

10% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Sep 17, 2024

JSON

Mozilla