CVE-2025-54143
Description
Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page. This vulnerability was fixed in Firefox for iOS 141.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.069
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2025-54143,CVE-2025-54144,CVE-2025-54145 are fixed in Mozilla Firefox (141.0) | Windows |
| Vulnerabilities CVE-2025-54143,CVE-2025-54144,CVE-2025-54145 are fixed in Mozilla Firefox (x64) (141.0) | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 140.99 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 140.99 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-349938 | Mozilla Firefox (141.0) |
| PATCH-349939 | Mozilla Firefox (x64) (141.0) |
| PATCH-351030 | Mozilla Firefox (x64) (142.0.1) |
| PATCH-351029 | Mozilla Firefox (142.0.1) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234