Home

CVE-2025-54144

Description

The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link. This vulnerability was fixed in Firefox for iOS 141.

Risk Information

Base Score
5.4
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.029

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2025-54143,CVE-2025-54144,CVE-2025-54145 are fixed in Mozilla Firefox (141.0)Windows
Vulnerabilities CVE-2025-54143,CVE-2025-54144,CVE-2025-54145 are fixed in Mozilla Firefox (x64) (141.0)Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 140.99Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 140.99Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-349938Mozilla Firefox (141.0)
PATCH-349939Mozilla Firefox (x64) (141.0)
PATCH-351030Mozilla Firefox (x64) (142.0.1)
PATCH-351029Mozilla Firefox (142.0.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234