Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple Safari Cookie修改漏洞
Vulnerability Description
Apple Apple Safari是美国苹果(Apple)公司开发的一款Web浏览器,是Mac OS X和iOS操作系统附带的默认浏览器。 Apple Safari不能正确限制建立在HTTPS会话中的cookies的修改。中间人攻击者可借助HTTP响应中的Set-Cookie头覆盖或者删除任意cookies。
CVSS Information
N/A
Vulnerability Type
N/A