When a secure cookie existed in the Firefox cookie jar an insecure cookie for the same domain could have been created, when it should have silently failed. This could have led to a desynchronization in expected results when reading from the secure cookie. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla focus |
||
mozilla firefox esr |
||
mozilla firefox |