Main Vulnerability Database Vulnerabilities #VU113149

Multiple Interpretations of UI Input in Mozilla products - CVE-2025-8039

Published: July 22, 2025

Vulnerability identifier: #VU113149

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-8039

CWE-ID: CWE-450

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Mozilla

Affected software:
Mozilla Firefox
Firefox ESR
Firefox for Android

Detailed vulnerability description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to in some cases search terms persisted in the URL bar even after navigating away from the search page. A remote attacker can obtain information about previous searches.

How to mitigate CVE-2025-8039

Install updates from vendor's website.

Sources

https://www.mozilla.org/en-US/security/advisories/mfsa2025-59/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/
https://bugzilla.mozilla.org/show_bug.cgi?id=1970997

Multiple Interpretations of UI Input in Mozilla products - CVE-2025-8039

Detailed vulnerability description

How to mitigate CVE-2025-8039

Sources

Please verify you're human