CVE-2024-38313

Name of the Vulnerable Software and Affected Versions Firefox for iOS versions prior to 127

Description The issue is related to errors in the representation of information by the user interface. It may allow a remote attacker to conduct spoofing attacks using the cpLocation attribute, potentially misleading users about the actual website address. A malicious website could attempt to display a fake location URL bar.

Recommendations For Firefox for iOS versions prior to 127, update to version 127 or later to resolve the issue. As a temporary workaround, consider being cautious when clicking on links from untrusted sources and verify the actual website address in the URL bar to minimize the risk of exploitation.