High severity7.5NVD Advisory· Published Jan 22, 2024· Updated Jun 17, 2026
CVE-2024-0605
CVE-2024-0605
Description
Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized scripts on top origin sites in urlbar. This bypasses security measures, potentially leading to arbitrary code execution or unauthorized actions within the user's loaded webpage. This vulnerability affects Focus for iOS < 122.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<122+ 1 more
- (no CPE)range: <122
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- www.mozilla.org/security/advisories/mfsa2024-03/nvdVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingPermissions Required
News mentions
0No linked articles in our index yet.