← Retour aux CVEs
CVE-2025-14744
MEDIUM6.5
Description
Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability was fixed in Firefox for iOS 144.0.
Details CVE
Score CVSS v3.16.5
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie12/18/2025
Derniere modification4/13/2026
Sourcenvd
Observations honeypot0
Produits affectes
mozilla:firefox
Faiblesses (CWE)
CWE-451
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1984683(security@mozilla.org)
https://www.mozilla.org/security/advisories/mfsa2025-97/(security@mozilla.org)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.