PT-2020-5579 · Mozilla · Firefox

Vinoth Kumar · Published 2020-05-26 · Updated 2020-05-28 · CVE-2020-6830

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Firefox for iOS versions prior to 25

Description

The issue is in the implementation of window.webkit in the Firefox web browser for iOS and results in disclosure of the security token. This could allow a remote attacker to gain unauthorized access to protected information. The vulnerability is due to the unnecessary use of a unique token for JS-to-native bridging, which was leaking the token.

Recommendations

For versions prior to 25, update to version 25 or later to resolve the issue. As a temporary workaround, consider restricting access to the bridging functions to minimize the risk of exploitation.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2021-01199
CVE-2020-6830

Affected Products

Firefox