CVE-2026-53900

Vulnerability Description

Firefox for iOS preserved cookies set on the initial PDF request across cross-origin HTTP redirects in TemporaryDocument, allowing a malicious site to inject arbitrary cookies into requests to an unrelated target domain. This vulnerability was fixed in Firefox for iOS 152.0.

Vulnerability Details

Published Date

June 16, 2026

Last Modified

June 16, 2026

Source

NVD

Vendor

Mozilla

Product

Firefox for iOS

External References

https://bugzilla.mozilla.org/show_bug.cgi?id=2043204
https://www.mozilla.org/security/advisories/mfsa2026-56/

CVE-2026-53900

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment