CVE-2025-8039
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-22
Last updated on: 2026-04-13
Assigner: Mozilla Corporation
Description
Description
In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mozilla | firefox | From 60.9.0 (exc) |
| mozilla | firefox | From 60.9.0 (exc) |
| mozilla | thunderbird | to 140.0 (inc) |
| mozilla | thunderbird | to 140.0 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves search terms remaining visible in the URL bar even after the user navigates away from the search page. It affects certain versions of Firefox and Thunderbird before version 141 and ESR before 140.1.
How can this vulnerability impact me? :
The persistence of search terms in the URL bar could lead to unintended exposure of sensitive or private search queries to anyone who can see the URL bar, potentially compromising user privacy.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70