CVE-2021-4221 Information

Description

If a domain name contained a RTL character it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks.
This bug only affects Firefox for Android. Other operating systems are unaffected.
Note: Due to a clerical error this advisory was not included in the original announcement and was added in Feburary 2022. This vulnerability affects Firefox < 92.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1704422 https://www.mozilla.org/security/advisories/mfsa2021-38/