Mozilla Foundation Security Advisory 2025-79
Security Vulnerabilities fixed in Firefox for iOS 143.1
- Announced
- September 28, 2025
- Impact
- moderate
- Products
- Firefox for iOS
- Fixed in
-
- Firefox for iOS 143.1
#CVE-2025-10859: Data stored in cookies for non-HTML content while browsing Incognito could be viewed after closing private tabs
- Reporter
- Muneaki Nishimura
- Impact
- moderate
Description
Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs