Mozilla Foundation Security Advisory 2024-10

Security Vulnerabilities fixed in Focus for iOS 123

Announced
February 19, 2024
Impact
high
Products
Focus for iOS
Fixed in
  • Focus for iOS 123

#CVE-2024-26284: UXSS exploit via 302 Redirect

Reporter
James Lee
Impact
high
Description

Utilizing a 302 redirect, an attacker could have conducted a Universal Cross-Site Scripting (UXSS) on a victim website, if the victim had a link to the attacker's website.

References