{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-3035","assignerOrgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","state":"PUBLISHED","assignerShortName":"mozilla","dateReserved":"2025-03-31T09:35:34.434Z","datePublished":"2025-04-01T12:29:06.641Z","dateUpdated":"2026-04-13T14:29:32.339Z"},"containers":{"cna":{"affected":[{"product":"Firefox","vendor":"Mozilla","versions":[{"status":"unaffected","version":"137","lessThanOrEqual":"*","versionType":"rpm"}]}],"descriptions":[{"lang":"en","value":"By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability was fixed in Firefox 137.","supportingMedia":[{"type":"text/html","base64":false,"value":"By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability was fixed in Firefox 137."}]}],"title":"Tab title disclosure across pages when using AI chatbot","references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952268"},{"url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"}],"credits":[{"lang":"en","value":"Matthew Noorenberghe"}],"providerMetadata":{"orgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","shortName":"mozilla","dateUpdated":"2026-04-13T14:29:32.339Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-359","lang":"en","description":"CWE-359 Exposure of Private Personal Information to an Unauthorized Actor"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.3,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"LOW"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-04-10T20:14:08.824400Z","id":"CVE-2025-3035","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-04-10T20:14:13.747Z"}}]}}