PT-2023-7113 · Mozilla · Firefox for iOS

Muneaki Nishimura · Published 2023-11-20 · Updated 2023-11-28 · CVE-2023-49061

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Firefox for iOS versions prior to 120

Description

The issue is related to the Reader Mode in Firefox for iOS, where the browser fails to neutralize HTML tags, allowing an attacker to perform HTML template injection. This could enable a remote attacker to gain unauthorized access to protected information and conduct cross-site scripting attacks. The estimated number of potentially affected devices is not specified.

Recommendations

For versions prior to 120, update to version 120 or later to resolve the issue. As a temporary workaround, consider disabling the Reader Mode feature until a patch is available. Restrict access to sensitive information when using the affected browser version to minimize the risk of exploitation.

Fix

Open Redirect

XSS

Code Injection

Weakness Enumeration

Related Identifiers

BDU:2023-08140
CVE-2023-49061

Affected Products

Firefox for iOS