Lucene search
K

4 matches found

NVD
NVD
added 2026/06/16 1:16 p.m.14 views

CVE-2026-53899

Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. This vulnerability was fixed in Firefox for iOS 152.0...

6.5CVSS0.00096EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 11:53 a.m.18 views

CVE-2026-53899

CVE-2026-53899 affects Firefox for iOS. The issue arises from partial domain matching when attaching cookies to PDF requests, enabling a malicious site on a suffix domain to receive cookies belonging to the target site. The root cause is tied to how cookies were matched during PDF handling, leadi...

6.5CVSS5.3AI score0.00096EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/16 11:53 a.m.26 views

CVE-2026-53899 Cross-origin cookies could be leaked when opening a PDF link

Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. This vulnerability was fixed in Firefox for iOS 152.0...

0.00096EPSS
Exploits0References2
Mozilla
Mozilla
added 2026/06/16 12:0 a.m.26 views

Security Vulnerabilities fixed in Firefox for iOS 152.0 — Mozilla

Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. Firefox for iOS preserved cookies set on the initial PDF request across cross-origin HTTP redirects in...

6.5CVSS5.3AI score0.001EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder