Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2015-153

HTML injection in homescreen app bypassing DOM sanitizer

Announced
December 30, 2015
Reporter
Muneaki Nishimura
Impact
High
Products
Firefox OS
Fixed in
  • Firefox OS 2.5

Description

Mozilla fixed a bug in the l10n localization of the default homescreen app of Firefox OS reported by security researcher Muneaki Nishimura. Exploiting this issue requires tricking the user into bookmarking a specially crafted web page via the 'Add to home screen' functionality. As a result, an iframe controlled by the attacker would be executed with homescreen privileges, potentially leading to further system compromise.

References