CVE-2022-45413

Summary

Using the <code>S.browser_fallback_url parameter</code> parameter, an attacker could redirect a user to a URL and cause SameSite=Strict cookies to be sent.<br>This issue only affects Firefox for Android. Other operating systems are not affected.. This vulnerability affects Firefox < 107.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 107affected

Weaknesses

  • SameSite=Strict cookies could have been sent cross-site via intent URLs

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References