Cross-Site Scripting Vulnerability in Firefox by Mozilla
CVE-2025-11152

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox
Vendor: CVE Published:; 30 September 2025

What is CVE-2025-11152?

A Cross-Site Scripting vulnerability has been identified in Firefox versions prior to 143.0.3, which may allow an attacker to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized actions or data exposure.

Affected Version(s)

Firefox < 143.0.3

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1987246

https://www.mozilla.org/security/advisories/mfsa2025-80/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 30, 2025
Vulnerability Reserved
Sep 29, 2025

Credit

Oskar L

JSON