vulnerability

MFSA2025-43 Firefox: Security Vulnerabilities fixed in Firefox ESR 115.24 (CVE-2025-5265)

Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
May 27, 2025
Added
May 28, 2025
Modified
Jun 13, 2025

Description

Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system.
*This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.* This vulnerability affects Firefox

Solution

mozilla-firefox-esr-upgrade-115_24
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.