
Find real vulnerabilities before they ship
Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the `Secure` attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1.
Base Score
9.1| Base Score | 9.1 |
|---|---|
| Vector String | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
| Base Severity | Critical |
| Version | 3.1 |
| Attack Vector (AV) | NETWORK |