Today, the team at v12 released a video showing a PoC of Universal Account Takeover affecting the iOS version of Firefox Focus.

The PoC was released because it has been almost a year since the vuln was reported, but it is not patched yet.

The video below is a demonstration of the vulnerability. We can see that your X, Google, Reddit can be taken over in only one click of a link.

The vulnerability explanation and the partial PoC can be seen here:
https://github.com/v12-security/pocs/tree/main/firefox

@firefox

#cybersecurity #infosec #0day #firefox

  • slazer2au
    2 days ago

    Because the iOS version of Firefox uses WebKit, not Gecko. You can blame Apple for the walled garden full of holes for this.