4 matches found
UBUNTU-CVE-2022-40958
By injecting a cookie with certain special characters, an attacker on a shared subdomain which is not a secure context could set and thus overwrite cookies from a secure context, leading to session fixation and other attacks. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and...
Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that by injecting a cookie with certain special characters, an attacker on a shared subdomain, which is not a secure context, could set and overwrite cookies from a secure context, leading to session fixatio...
Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that by injecting a cookie with certain special characters, an attacker on a shared subdomain, which is not a secure context, could set and overwrite cookies from a secure context, leading to session fixatio...
Mozilla Firefox 注入漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 105, which stems from the fact that by injecting a cookie with certain special characters, an attacker on a shared subdomain in a...