GHSA-848m-8qg2-wmrvMediumCVSS 6.5

Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a...

Published
June 16, 2026
Last Modified
June 16, 2026

🔗 CVE IDs covered (1)

📋 Description

Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. This vulnerability was fixed in Firefox for iOS 152.0.

🔗 References (4)