CVE-2024-6611

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 9, 2024
Updated: Jul 16, 2024
CWE ID 1275

Summary

CVE-2024-6611 is a vulnerability affecting Firefox versions below 128 and Thunderbird versions below 128. Maliciously crafted web content, utilizing a nested iframe, can initiate cross-site navigation and send SameSite=Strict or Lax cookies. This issue poses a potential security risk as the intended recipient may not have expected or intended to share these cookies, potentially leading to unintended data exposure.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share