CNNVD-202506-3011 Information
CNNVD ID
CNNVD-202506-3011
Related CVE
- CNNVD Published: 2025-06-24
Description (Chinese)
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 140之前版本和Mozilla Firefox ESR 128.12之前版本存在安全漏洞,该漏洞源于Content-Disposition标头处理存在缺陷,可能导致跨站脚本攻击。
Description (English)
Mozilla Firefox is an open-source Web browser for the Mozilla Foundation in the United States. Pre-Mozilla Firefox 140 and pre-Mozilla Firefox ESR 128.12 have security loopholes, which stem from deficiencies in the handling of the Content-Disposition marker, which may lead to cross-site script attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Mozilla
Published
2025-06-24
Last Modified
2026-02-24
References
https://www.mozilla.org/security/advisories/mfsa2025-51/ https://www.mozilla.org/security/advisories/mfsa2025-53/ https://www.mozilla.org/security/advisories/mfsa2025-54/ https://www.mozilla.org/security/advisories/mfsa2025-55/ https://bugzilla.mozilla.org/show_bug.cgi?id=1971140 https://access.redhat.com/security/cve/cve-2025-6430
Patch
https://www.mozilla.org/en-US/firefox/140.0/releasenotes/
Share on: