CVE-2025-6428: Vulnerability in Mozilla Firefox
When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*. This vulnerability was fixed in Firefox 140.
AI Analysis
Technical Summary
CVE-2025-6428 is an open redirect vulnerability affecting Firefox for Android. When a URL is supplied in a link's querystring parameter, Firefox for Android incorrectly follows that URL rather than the correct one, which could be exploited for phishing attacks. This vulnerability is limited to Firefox for Android and was addressed in Firefox 140. The CVSS 3.1 base score is 4.3, reflecting a medium severity with network attack vector, low attack complexity, no privileges required, user interaction required, and limited impact on integrity only.
Potential Impact
The vulnerability allows an attacker to craft a link that, when opened in Firefox for Android, causes the browser to follow a malicious URL instead of the legitimate one. This behavior could facilitate phishing attacks by misleading users about the destination of a link. There is no impact on confidentiality or availability, and no known exploitation in the wild has been reported.
Mitigation Recommendations
Mozilla fixed this vulnerability in Firefox for Android version 140. Users and administrators should update Firefox for Android to version 140 or later to remediate this issue. No additional mitigation steps are required once the update is applied.
CVE-2025-6428: Vulnerability in Mozilla Firefox
Description
When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*. This vulnerability was fixed in Firefox 140.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2025-6428 is an open redirect vulnerability affecting Firefox for Android. When a URL is supplied in a link's querystring parameter, Firefox for Android incorrectly follows that URL rather than the correct one, which could be exploited for phishing attacks. This vulnerability is limited to Firefox for Android and was addressed in Firefox 140. The CVSS 3.1 base score is 4.3, reflecting a medium severity with network attack vector, low attack complexity, no privileges required, user interaction required, and limited impact on integrity only.
Potential Impact
The vulnerability allows an attacker to craft a link that, when opened in Firefox for Android, causes the browser to follow a malicious URL instead of the legitimate one. This behavior could facilitate phishing attacks by misleading users about the destination of a link. There is no impact on confidentiality or availability, and no known exploitation in the wild has been reported.
Mitigation Recommendations
Mozilla fixed this vulnerability in Firefox for Android version 140. Users and administrators should update Firefox for Android to version 140 or later to remediate this issue. No additional mitigation steps are required once the update is applied.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mozilla
- Date Reserved
- 2025-06-20T14:51:33.064Z
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 685aa0274dc24046c1dc5aa0
Added to database: 6/24/2025, 12:55:03 PM
Last enriched: 4/14/2026, 11:51:49 AM
Last updated: 5/9/2026, 10:01:56 PM
Views: 106
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.