CVE-2025-6434 in Firefoxinformação

Sumário

de MITRE • 24/06/2025

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsável

Mozilla

Reservar

20/06/2025

Divulgação

24/06/2025

Moderação

aceite

Entrada

VDB-313761

CPE

pronto

EPSS

0.00227

KEV

não

Atividades

muito baixo

Fontes

Do you know our Splunk app?

Download it now for free!