CVE-2025-5271 Information

Description

Previewing a response in Devtools ignored CSP headers which could have allowed content injection attacks. This vulnerability affects Firefox < 139.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1920348 https://www.mozilla.org/security/advisories/mfsa2025-42/