|
Mozilla URI Sub-Directory Arbitrary Cookie Access Vulnerability
A problem has been discovered in the behavior of the cookie handling in Mozilla. If similar path attributes exist in two separate cookies, it may be possible for a site to gain unauthorized access to cookies issued by another site in the same domain. The correct behavior is to restrict this type of access based both on domain and exact path attribute information. |
|
|
Privacy Statement |
