CVE-2025-3035

{"id": "CVE-2025-3035", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-04-01T13:15:41.893", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1952268", "tags": ["Permissions Required"], "source": "[email protected]"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-20/", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-359"}]}], "descriptions": [{"lang": "en", "value": "By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability affects Firefox < 137."}, {"lang": "es", "value": "Al usar el chatbot de IA en una pesta\u00f1a y activarlo posteriormente en otra, el t\u00edtulo del documento de la pesta\u00f1a anterior se filtraba en el mensaje de chat. Esta vulnerabilidad afecta a Firefox (versi\u00f3n anterior a la 137)."}], "lastModified": "2025-04-15T12:55:21.203", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "A6CBADD8-E865-41B5-BDDD-1572F97D5176", "versionEndExcluding": "137.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}