Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2015-125

XSS attack through intents on Firefox for Android

Announced
November 3, 2015
Reporter
Muneaki Nishimura
Impact
High
Products
Firefox
Fixed in
  • Firefox 42

Description

Security researcher Muneaki Nishimura reported that on Firefox for Android that it is possible to create a cross-site script (XSS) attack through the use of Android intents and fallback navigation. This issue is caused by improper sterilization of opened addresses sent to Firefox through intents.

This issue only affects Firefox for Android. Firefox on other operating systems is not affected.

References