Mozilla · Firefox For Android · CVE-2025-6428
Name of the Vulnerable Software and Affected Versions:
Firefox for Android versions prior to 140
Description:
The issue allows an attacker to potentially lead to phishing attacks by following a provided URL in a link querystring parameter instead of the correct URL. This affects Firefox for Android, with other versions of Firefox being unaffected.
Recommendations:
For Firefox for Android versions prior to 140, update to version 140 or later to resolve the issue. As a temporary workaround, consider avoiding the use of link querystring parameters until the update is applied.