CVE-2018-5114

2018-06-11T21:29:00
ID CVE-2018-5114
Type cve
Reporter cve@mitre.org
Modified 2018-06-25T18:42:00

Description

If an existing cookie is changed to be "HttpOnly" while a document is open, the original value remains accessible through script until that document is closed. Network requests correctly use the changed HttpOnly cookie. This vulnerability affects Firefox < 58.