Mozilla Foundation Security Advisory 2024-10
Security Vulnerabilities fixed in Focus for iOS 123
- Announced
- February 19, 2024
- Impact
- high
- Products
- Focus for iOS
- Fixed in
-
- Focus for iOS 123
#CVE-2024-26284: UXSS exploit via 302 Redirect
- Reporter
- James Lee
- Impact
- high
Description
Utilizing a 302 redirect, an attacker could have conducted a Universal Cross-Site Scripting (UXSS) on a victim website, if the victim had a link to the attacker's website.