CVE-2025-8039

Published: Jul 22, 2025Modified: Apr 13, 2026

8.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Exploitability: 2.8 / Impact: 5.2

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

In some cases search terms persisted in the URL bar even after navigating away from the search page. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.

Affected (4)

Products: Mozilla: Firefox, Thunderbird

Mozilla

2 products

Firefox

Thunderbird

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Before 141.0
Mozilla Firefox	Before 140.1
Mozilla Thunderbird	Before 141.0
Mozilla Thunderbird	Before 140.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (5)

https://bugzilla.mozilla.org/show_bug.cgi?id=1970997

Source: security@mozilla.org

Permissions Required

https://www.mozilla.org/security/advisories/mfsa2025-56/

Source: security@mozilla.org

Vendor Advisory

https://www.mozilla.org/security/advisories/mfsa2025-59/

Source: security@mozilla.org

Vendor Advisory

https://www.mozilla.org/security/advisories/mfsa2025-61/

Source: security@mozilla.org

Vendor Advisory

https://www.mozilla.org/security/advisories/mfsa2025-63/

Source: security@mozilla.org

Vendor Advisory

Timeline

No history available yet.