CVE-2025-6434 in Firefox
Sumário
de MITRE • 24/06/2025
The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an exception and loading a webpage over HTTP. This vulnerability affects Firefox < 140.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.