
Find real vulnerabilities before they ship
Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141.
Base Score
9.8| Base Score | 9.8 |
|---|---|
| Vector String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Base Severity | Critical |
| Version | 3.1 |
| Attack Vector (AV) | NETWORK |