- Description
- By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability affects Firefox < 137.
- Source
- security@mozilla.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-359
- Hype score
- Not currently trending
CVE-2025-3035 By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerabil… https://t.co/DxAFjfQSYn
@CVEnew
5 Apr 2025
270 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I found a privacy/memory leak combo in @firefox (CVE-2025-3035) the other week. A patch was written and reviewed by the team in less than 4 hours! 🔥 https://t.co/328EnvGIor
@mnoorenberghe
2 Apr 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A6CBADD8-E865-41B5-BDDD-1572F97D5176",
"versionEndExcluding": "137.0"
}
],
"operator": "OR"
}
]
}
]