A vulnerability in FireFox has been discovered that relates to cookie management. While not a critical flaw in terms of immediate impact, it is dangerous in that it could potentially lead to spoofing or data compromise, such as usernames. Potentially, a malicious site could lead to someone being tricked:
By injecting text string that includes "\x00," normal safeguards can be bypassed, allowing the browser to be fooled about the origin of a domain trying to set or modify a cookie. The sleight of hand makes a victim's browser appear to be talking to trustedbank.com when in fact it is receiving data from evilhackers.com.
It affects versions up to 18.104.22.168, and the linked article contains demonstrations. It is already reported in Bugzilla and hopefully the Mozilla dev deam will release a patch soon.