Mozilla Foundation Security Advisory 2024-09

Security Vulnerabilities fixed in Focus for iOS 122

Announced: February 19, 2024
Impact: high
Products: Focus for iOS
Fixed in: Focus for iOS 122

Note: CVE-2024-1563 was fixed in Focus for iOS 122, released on January 22, 2024, but was not announced until February 19, 2023.

CVE-2024-1563: UXSS exploit using a timeout after externally opening the application from a custom Focus scheme

Reporter: James Lee
Impact: high
Description

An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a timeout race condition.
