GHSA-6xv8-mg86-mq56MediumCVSS 4.3
Firefox for iOS preserved cookies set on the initial PDF request across cross-origin HTTP...
🔗 CVE IDs covered (1)
📋 Description
Firefox for iOS preserved cookies set on the initial PDF request across cross-origin HTTP redirects in TemporaryDocument, allowing a malicious site to inject arbitrary cookies into requests to an unrelated target domain. This vulnerability was fixed in Firefox for iOS 152.0.