VDB

CNVD-2024-12551

CNVD-2024-12551 PUBLISHED CVSS 6.099999904632568 MEDIUM

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox存在HTTP头注入漏洞,该漏洞源于Set-Cookie响应报头在多部分HTTP响应中被错误地执行,攻击者可利用该漏洞注入浏览器所认可的Set-Cookie响应头。

Risk Scores

CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
MozillaFirefox ESRunspecified
MozillaThunderbirdunspecified
MozillaFirefoxunspecified

Timeline

  • Feb 20, 2024 CVE Published
  • Feb 20, 2024 PoC Published
  • Feb 21, 2024 PoC Published
  • Mar 1, 2024 CVE ID Reserved
  • Mar 8, 2024 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›