Mozilla Foundation Security Advisory 2022-27
Security Vulnerabilities fixed in Firefox for iOS 102
- Announced
- June 29, 2022
- Impact
- moderate
- Products
- Firefox for iOS
- Fixed in
-
- Firefox for iOS 102
#CVE-2022-31746: Privileged internal URL protection could be bypassed through referrer header.
- Reporter
- Muneaki Nishimura
- Impact
- moderate
Description
Internal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header.