Mozilla Firefox prior to 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote malicious users to spoof the address bar via crafted JavaScript code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |