CVE-2020-6827 Information

Description

When following a link that opened an intent://-schemed URL causing a custom tab to be opened Firefox for Android could be tricked into displaying the incorrect URI. br Note: This issue only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox ESR 68.7.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1622278 https://www.mozilla.org/security/advisories/mfsa2020-13/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

4.7