Mozilla · Firefox · CVE-2018-5114
Name of the Vulnerable Software and Affected Versions:
Firefox versions prior to 58
Description:
The issue is related to errors in the implementation of cookie storage in Mozilla Firefox and allows a remote attacker to access HttpOnly cookies using a crafted HTTP request. When an existing cookie is changed to "HttpOnly" while a document is open, the original value remains accessible through script in that document until the document is closed. Network requests, however, correctly use the changed HttpOnly cookie.
Recommendations:
If you run a version prior to 58, update to version 58 or later to resolve the issue. As a temporary workaround, consider closing all open documents after changing a cookie to "HttpOnly" so that script can no longer access the original value. Restrict access to sensitive information stored in cookies to minimize the risk of exploitation.