VYPR
Medium severity (CVSS 6.1) · NVD Advisory · Published Jun 24, 2025 · Updated Apr 13, 2026

CVE-2025-6430

Description

When a file download is specified via the Content-Disposition header, that directive would be ignored if the file was included via a <embed> or <object> tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability was fixed in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Firefox and Thunderbird ignore Content-Disposition: attachment when loading files via <embed> or <object>, enabling XSS attacks.

Vulnerability

Overview

CVE-2025-6430 describes a flaw in Firefox and Thunderbird where the Content-Disposition: attachment HTTP header is ignored when a file is loaded via an <embed> or <object> tag. Normally this header tells the browser to download the file rather than render it inline, and sites commonly rely on it as a defense against cross-site scripting (XSS) when serving user-uploaded content. Because of this bug, the download directive is bypassed for <embed> and <object> loads and the file is rendered as a document in the origin that served it [1].

Exploitation

An attacker can exploit this by uploading a malicious HTML, XML, or SVG file to a website that serves it back with Content-Disposition: attachment. If the attacker then lures a victim into visiting a page (on any origin) that references that file via <embed> or <object>, the vulnerable browser ignores the download directive and renders the file, executing any embedded script in the origin of the site that served the upload. No special privileges are required beyond the ability to upload the file and to reference its URL from a page the victim visits [1].

Impact

Successful exploitation leads to cross-site scripting (XSS) in the context of the vulnerable website, potentially allowing an attacker to steal cookies, session tokens, or perform actions on behalf of the victim. The vulnerability is rated Medium severity with a CVSS v3 score of 6.1 [2].

Mitigation

Mozilla has addressed this issue in Firefox 140, Firefox ESR 128.12, Thunderbird 140, and Thunderbird 128.12. Users are strongly advised to update to these versions or later to prevent exploitation [2][3][4].
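Because the browser-side fix only protects updated clients, a site that serves user uploads should not let Content-Disposition: attachment be its only barrier against the rendering path described in the Overview and Exploitation sections above. The following is an added example (not code from the VYPR page, from Mozilla, or from any affected product) that shows the server-side layering a practitioner would want: a helper that builds hardened response headers for an upload, and a checker that flags header sets which rely solely on Content-Disposition to stop an active document type from rendering. Function names, MIME-type lists and the sample header sets are assumptions constructed for illustration.

```javascript
// Added example (not from the VYPR page or Mozilla): hardening the response
// for user-uploaded files so that a browser which ignores
// Content-Disposition: attachment on <object>/<embed> loads (CVE-2025-6430)
// still cannot execute the file's script in the serving site's origin.
// Helper names and type lists are assumptions for illustration.

// MIME types a browser parses as an active document when it renders them
// (by navigation, or by <object>/<embed> on an unpatched Firefox).
const ACTIVE_TYPES = new Set([
  "text/html",
  "application/xhtml+xml",
  "image/svg+xml",
  "text/xml",
  "application/xml",
]);

// Types we are willing to serve under their real MIME type because they
// carry no script. Anything else is served as an opaque binary blob.
const PASSIVE_TYPES = new Set(["image/png", "image/jpeg", "image/gif", "text/plain"]);

// "image/svg+xml; charset=utf-8" -> "image/svg+xml"
function baseType(contentType) {
  return (contentType || "").split(";")[0].trim().toLowerCase();
}

// Build response headers for an upload. Content-Disposition is still sent,
// but no protection here depends on the browser honouring it.
function hardenUploadHeaders(filename, declaredType) {
  const type = baseType(declaredType);
  // Strip quotes and CR/LF from the filename so the header cannot be split.
  const safeName = filename.replace(/["\r\n]/g, "_");
  return {
    "Content-Disposition": `attachment; filename="${safeName}"`,
    // Untrusted active content is downgraded to an opaque type; nosniff
    // prevents the browser from sniffing it back into HTML.
    "Content-Type": PASSIVE_TYPES.has(type) ? type : "application/octet-stream",
    "X-Content-Type-Options": "nosniff",
    // If the document is rendered anyway, CSP sandbox gives it an opaque
    // origin with scripts disabled, so it cannot reach the site's cookies or DOM.
    "Content-Security-Policy": "sandbox",
  };
}

// Report whether a response relies solely on Content-Disposition: attachment
// to keep an active document from rendering: the exact guarantee the bug
// removes for <object>/<embed> loads on unpatched Firefox/Thunderbird.
function reliesOnlyOnContentDisposition(headers) {
  const get = (name) => {
    const key = Object.keys(headers).find((k) => k.toLowerCase() === name.toLowerCase());
    return key ? String(headers[key]) : "";
  };
  const type = baseType(get("Content-Type"));
  const disposition = get("Content-Disposition").trim().toLowerCase();
  const csp = get("Content-Security-Policy").toLowerCase();
  const sandboxed = /(^|;)\s*sandbox(\s|;|$)/.test(csp);
  return disposition.startsWith("attachment") && ACTIVE_TYPES.has(type) && !sandboxed;
}

// Constructed sample: an SVG upload served the way many sites do it
// (Content-Disposition only) versus the hardened header set.
const weakHeaders = {
  "Content-Type": "image/svg+xml",
  "Content-Disposition": 'attachment; filename="avatar.svg"',
};
const strongHeaders = hardenUploadHeaders("avatar.svg", "image/svg+xml");

console.log("weak set relies on Content-Disposition only:", reliesOnlyOnContentDisposition(weakHeaders));
console.log("hardened set relies on Content-Disposition only:", reliesOnlyOnContentDisposition(strongHeaders));
console.log(strongHeaders);
```

The strongest additional layer, which this snippet cannot express in headers alone, is to serve uploads from a dedicated origin (a separate hostname with no session cookies) so that even a fully rendered upload has nothing of value in its origin; the header hardening above is what to apply when that separation is not yet in place.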

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 79

Patches: 0 (no patches discovered yet)


References: 7

News mentions: 0