#CVE-2023-5723: Invalid cookie characters could have led to unexpected errors Reporter Daniel Veditz Impact moderate DescriptionĪn attacker with temporary script access to a site could have set a cookie containing invalid characters using okie that could have led to unknown errors. Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. #CVE-2023-5722: Cross-Origin size and header leakage Reporter annevk Impact moderate Description It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay. #CVE-2023-5721: Queued up rendering could have allowed websites to clickjack Reporter Kelsey Gilbert Impact high Description Mozilla Foundation Security Advisory 2023-45 Security Vulnerabilities fixed in Firefox 119 Announced OctoImpact high Products Firefox Fixed in
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |