VYPR
Unrated severityNVD Advisory· Published Feb 20, 2024· Updated Feb 13, 2025

CVE-2024-1551

CVE-2024-1551

Description

Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

32

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.