CVE-2025-11717

Published: Oct 14, 2025Modified: Jun 17, 2026

9.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability was fixed in Firefox 144.

Affected (1)

Products: Mozilla: Firefox

1 product

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Mozilla Firefox	Before 144.0

Running on/with	Platform Versions
Google Android	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://bugzilla.mozilla.org/show_bug.cgi?id=1872601

Source: security@mozilla.org

Issue TrackingPermissions Required

https://www.mozilla.org/security/advisories/mfsa2025-81/

Source: security@mozilla.org

Vendor Advisory

Timeline

No history available yet.