Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox 安全漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 123 版本之前存在安全漏洞,该漏洞源于在多部分 HTTP 响应中,Set-Cookie 响应标头被错误地遵守。 如果攻击者可以控制 Content-Type 响应标头以及响应正文的一部分,他们就可以注入浏览器会接受的 Set-Cookie 响应标头。
CVSS Information
N/A
Vulnerability Type
N/A