mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-31 10:40:54 +00:00
938 B
938 B
CVE-2003-0594
Description
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
POC
Reference
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A917
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9826
Github
No PoCs found on GitHub currently.