Malicious scripts that interrupt new tab page loading...
Moderate severity
Unreviewed
Published
Feb 16, 2026
to the GitHub Advisory Database
•
Updated Feb 17, 2026
Description
Published by the National Vulnerability Database
Feb 16, 2026
Published to the GitHub Advisory Database
Feb 16, 2026
Last updated
Feb 17, 2026
Malicious scripts that interrupt new tab page loading could cause desynchronization between the address bar and page content, allowing the attacker to spoof arbitrary HTML under a trusted domain. This vulnerability affects Firefox for iOS < 147.2.1.
References