7.5
CVE-2026-11799
- EPSS 0.22%
- Veröffentlicht 09.06.2026 20:52:02
- Zuletzt bearbeitet 10.06.2026 20:14:36
- Quelle security@mozilla.org
- CVE-Watchlists
- Unerledigt
UXSS in Focus for iOS / Klar Webkit navigation
UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerMozilla
≫
Produkt
Focus for iOS
Version <=
*
Version
151.3.1
Status
unaffected
HerstellerMozilla
≫
Produkt
Klar for iOS
Version <=
*
Version
151.3.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.117 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
https://bugzilla.mozilla.org/show_bug.cgi?id=1975667
https://www.mozilla.org/security/advisories/mfsa2026-55/