CVE-2024-6611
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Jul 9, 2024
Updated: Jul 16, 2024
CWE ID 1275
Summary
CVE-2024-6611 is a vulnerability affecting Firefox versions below 128 and Thunderbird versions below 128. Maliciously crafted web content, utilizing a nested iframe, can initiate cross-site navigation and send SameSite=Strict or Lax cookies. This issue poses a potential security risk as the intended recipient may not have expected or intended to share these cookies, potentially leading to unintended data exposure.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Mozilla Firefox
Affected Vendors
- Mozilla