CVE-2024-43112

6.1 MEDIUM

📋 TL;DR

A cross-site scripting (XSS) vulnerability in Firefox for iOS allows attackers to execute malicious scripts by tricking users into long-pressing on specially crafted download links. This affects Firefox for iOS users running versions below 129. The vulnerability could lead to session hijacking, data theft, or redirection to malicious sites.

💻 Affected Systems

Products:
  • Firefox for iOS
Versions: All versions below 129
Operating Systems: iOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Firefox browser on iOS devices. Other browsers and platforms are not affected.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, authentication tokens, or sensitive user data, potentially leading to account takeover, financial fraud, or installation of malware through social engineering.

🟠 Likely Case

Attackers could perform limited session hijacking, redirect users to phishing sites, or steal non-critical user data from vulnerable sessions.

🟢 If Mitigated

With proper content security policies and user awareness, impact is limited to isolated session compromise that can be cleared by logging out.

🌐 Internet-Facing: HIGH - This is a client-side vulnerability affecting web browsers that regularly interact with untrusted internet content.
🏢 Internal Only: LOW - Internal applications typically have more controlled content, but risk exists if internal users browse external sites.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires user interaction (long-press on malicious link) and social engineering to deliver the payload.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firefox for iOS 129

Vendor Advisory: https://www.mozilla.org/security/advisories/mfsa2024-36/

Restart Required: Yes

Instructions:

1. Open the App Store on your iOS device.
2. Search for Firefox.
3. Tap Update to install version 129 or higher.
4. Restart Firefox after the update completes.

🔧 Temporary Workarounds

Disable JavaScript for untrusted sites

Platform: iOS

Configure Firefox to block JavaScript on untrusted websites to prevent XSS payload execution.

Settings > Content Blocking > Custom > Uncheck JavaScript

Use an alternative browser temporarily

Platform: iOS

Switch to Safari or another updated browser until Firefox is patched.

🧯 If You Can't Patch

  • Educate users to avoid long-pressing on download links from untrusted sources
  • Implement web application firewalls (WAF) with XSS protection rules for enterprise environments

🔍 How to Verify

Check if Vulnerable:

Open Firefox on iOS, go to Settings > About Firefox, check if version is below 129

Check Version:

Settings > About Firefox

Verify Fix Applied:

After updating, confirm version is 129 or higher in Settings > About Firefox

📡 Detection & Monitoring

Log Indicators:

  • Unusual JavaScript execution patterns in browser logs
  • Multiple failed download attempts from same session

Network Indicators:

  • Suspicious JavaScript payloads in HTTP requests
  • Unexpected redirects to external domains

SIEM Query:

source="firefox_logs" AND (event="javascript_execution" OR event="download_initiated") AND user_interaction="long_press"
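Because this is a client-side bug, the most reliable way to find exposure in an organisation is to inventory which Firefox for iOS versions are reaching your web servers. Firefox for iOS identifies itself with an `FxiOS/<major>.<minor>` token in its User-Agent string. The script below is an added example (not part of this advisory or of Mozilla's tooling): it scans web server access logs in the combined log format and reports clients whose FxiOS major version is below the fixed release, 129. The log lines are constructed sample data; the log format and field order are assumptions, so adjust `ACCESS_LINE_RE` to match your own server's format.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Firefox for iOS 129 is the first fixed release for CVE-2024-43112.
FIXED_MAJOR = 129

# Firefox for iOS advertises itself as "FxiOS/<major>.<minor>".
# Desktop Firefox uses "Firefox/<version>" instead and is NOT in scope.
FXIOS_RE = re.compile(r"\bFxiOS/(\d+)(?:\.(\d+))?")

# Combined log format (assumption): ip ident user [ts] "req" status bytes "referer" "user-agent"
ACCESS_LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


@dataclass
class VulnerableClient:
    ip: str
    timestamp: str
    version: str


def fxios_version(user_agent: str) -> Optional[Tuple[int, int]]:
    """Return (major, minor) for a Firefox for iOS UA, or None for any other browser."""
    m = FXIOS_RE.search(user_agent)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2) or 0)


def is_vulnerable_version(version: Tuple[int, int]) -> bool:
    """All releases below 129 are affected; the minor version does not matter."""
    return version[0] < FIXED_MAJOR


def find_vulnerable_clients(log_lines: List[str]) -> List[VulnerableClient]:
    """Scan access log lines and collect clients still running an affected Firefox for iOS."""
    hits: List[VulnerableClient] = []
    for line in log_lines:
        m = ACCESS_LINE_RE.match(line)
        if not m:
            continue  # malformed or different log format; skip rather than guess
        version = fxios_version(m.group("ua"))
        if version is None or not is_vulnerable_version(version):
            continue
        hits.append(VulnerableClient(m.group("ip"), m.group("ts"), f"{version[0]}.{version[1]}"))
    return hits


# Constructed sample log lines (documentation IP range, fictitious timestamps).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Aug/2024:09:14:02 +0000] "GET /portal/ HTTP/1.1" 200 5120 "-" '
    '"Mozilla/5.0 (iPhone; CPU iPhone OS 17_5 like Mac OS X) AppleWebKit/605.1.15 '
    '(KHTML, like Gecko) FxiOS/128.0 Mobile/15E148 Safari/605.1.15"',
    '192.0.2.11 - - [12/Aug/2024:09:15:40 +0000] "GET /portal/ HTTP/1.1" 200 5120 "-" '
    '"Mozilla/5.0 (iPhone; CPU iPhone OS 17_5 like Mac OS X) AppleWebKit/605.1.15 '
    '(KHTML, like Gecko) FxiOS/129.0 Mobile/15E148 Safari/605.1.15"',
    '192.0.2.12 - - [12/Aug/2024:09:16:07 +0000] "GET /portal/ HTTP/1.1" 200 5120 "-" '
    '"Mozilla/5.0 (iPhone; CPU iPhone OS 17_5 like Mac OS X) AppleWebKit/605.1.15 '
    '(KHTML, like Gecko) Version/17.5 Mobile/15E148 Safari/604.1"',
    '192.0.2.13 - - [12/Aug/2024:09:17:33 +0000] "GET /portal/ HTTP/1.1" 200 5120 "-" '
    '"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0"',
    '192.0.2.14 - - [12/Aug/2024:09:18:51 +0000] "GET /portal/ HTTP/1.1" 200 5120 "-" '
    '"Mozilla/5.0 (iPad; CPU OS 16_6 like Mac OS X) AppleWebKit/605.1.15 '
    '(KHTML, like Gecko) FxiOS/127.2 Mobile/15E148 Safari/605.1.15"',
]

if __name__ == "__main__":
    for client in find_vulnerable_clients(SAMPLE_LOG):
        print(f"{client.ip} {client.timestamp} Firefox for iOS {client.version} (< {FIXED_MAJOR})")
```

Run against the sample data, the script reports only the two FxiOS 128.0 and 127.2 clients; the FxiOS 129.0 line, the Safari line, and the desktop Firefox 128.0 line are correctly ignored, since only the `FxiOS/` token (not `Firefox/`) identifies the affected product. Feed it your real access logs to produce a list of users to prompt for the App Store update.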

🔗 References
