CVE-2025-8042 Information

Description

Firefox for Android allowed a sandboxed iframe without the allow-downloads attribute to start downloads. This vulnerability affects Firefox < 141.

Reference

https://bugzilla.mozilla.org/show_bug.cgi?id=1791322 https://www.mozilla.org/security/advisories/mfsa2025-56/

Related CNNVD

CNNVD-202508-2232 (Published: 2025-08-19)