An attacker could have executed unauthorized scripts on top origin sites using a JavaScript URI when opening an external URL with a custom Firefox scheme and a timeout race condition. This vulnerability affects Focus for iOS < 122.
Mozilla Foundation Security Advisory 2024-09
Security Vulnerabilities fixed in Focus for iOS 122
Announced
February 19, 2023
Impact
high
Products
Focus for iOS
Fixed in
Focus for iOS 122
...