1. Home
  2. Vulnerabilities
  3. CVE-2024-6611

CVE-2024-6611

CVSS v3.1 9.8 (Critical)
98% Progress
EPSS 0.04 % (16th)
0.04% Progress
Advisories 5
NVD Status Awaiting Analysis
Info CVSS EPSS CAPEC References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128.

Weaknesses
CWE-1275
Sensitive Cookie with Improper SameSite Attribute
CVE Status
PUBLISHED
NVD Status
Awaiting Analysis
CNA
Mozilla Corporation
Published Date
2024-07-09 15:15:13
(2 months ago)
Updated Date
2024-07-16 18:15:09
(2 months ago)