Firefox < 58 Cookie Vulnerability: Access to Original Value via Script

Firefox < 58 Cookie Vulnerability: Access to Original Value via Script

CVE-2018-5114 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

If an existing cookie is changed to be "HttpOnly" while a document is open, the original value remains accessible through script until that document is closed. Network requests correctly use the changed HttpOnly cookie. This vulnerability affects Firefox < 58.

Learn more about our Network Penetration Testing.