Endpoint Vulnerability

Firefox for Android addressbar can be removed after fullscreen mode

Description

Security researcher Jordi Chancel reported that when Firefox for Android exits fullscreen mode, it can be induced through script to not restore the addressbar when the window is redrawn in normal mode. This could allow an attacker to spoof the addressbar with their own content.

Affected Products

Firefox

References

CVE-2015-7185