CVE-2015-2744

CVE Database · CVE-2015-2744

CVE-2015-2744

· N/AModified

CVSS v3.1

N/A

EPSS

0.81%

Published

Aug 7, 2015

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting (XSS) vulnerability in the Search app in Gaia in Mozilla Firefox OS before 2.2 allows remote attackers to inject arbitrary HTML via a crafted search link that is mishandled after re-opening the browser or opening the tab view.

Weaknesses (CWE)

CWE-79

Affected Products (1)

mozilla · firefox_osvulnerable

References (4)

http://www.mozilla.org/security/announce/2015/mfsa2015-72.html

Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=1102204

http://www.mozilla.org/security/announce/2015/mfsa2015-72.html

Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=1102204

KEV Catalog EPSS Scores Vendors All CVEs