firefox is vulnerable to session fixation. The vulnerability exists because of injecting a cookie with certain special characters, allowing an attacker to gain privileges via the client-side cookie.
git://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2022-40958
access.redhat.com/security/cve/CVE-2022-40958
bugzilla.mozilla.org/show_bug.cgi?id=1779993
bugzilla.redhat.com/show_bug.cgi?id=2128794
www.mozilla.org/security/advisories/mfsa2022-40/
www.mozilla.org/security/advisories/mfsa2022-41/
www.mozilla.org/security/advisories/mfsa2022-42/