PT-2024-3797 · Mozilla · Firefox

Muneaki Nishimura · Published 2024-04-02 · Updated 2024-11-22 · CVE-2024-31393

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Firefox for iOS versions prior to 124

Description

The issue is caused by insufficient input validation when URLs are dragged into the address bar, allowing a remote attacker to bypass security restrictions and load arbitrary pages. Dragging JavaScript URLs to the address bar could cause them to be loaded, bypassing security protections.

Recommendations

For Firefox for iOS versions prior to 124, update Firefox to version 124 or later to resolve the issue. As a temporary workaround, consider avoiding dragging URLs into the address bar until the update is applied. Restrict access to suspicious links to minimize the risk of exploitation.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2024-04171
CVE-2024-31393

Affected Products

Firefox