Main Vulnerability Database Vulnerabilities #VU106363

#VU106363 Information disclosure in Mozilla Firefox and Firefox for Android - CVE-2025-3035

Published: April 1, 2025

Vulnerability identifier: #VU106363

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-3035

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Mozilla Firefox
Firefox for Android

Software vendor:
Mozilla

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the tab title can be leaked when using the AI chatbot in one tab and later activating it in another tab. A remote attacker can gain access to title of a previous tab.

Remediation

Install updates from vendor's website.

External links

https://bugzilla.mozilla.org/show_bug.cgi?id=1952268
https://www.mozilla.org/security/advisories/mfsa2025-20/