Read Time:24 Second
Posted by Konstantin on Aug 29
# VULNERABILITY
Mozilla Firefox only stores up to 1024 HSTS entries.
When the limit is reached, Firefox discards entries based on their age
and recent visits to the domain in question.
# IMPACT
The HSTS header ensures that once a page has been visited, the browser
will attempt to connect to it using HTTPS.
The limit means that Firefox effectively does not store any further HSTS
headers, as new ones permanently override each other.
Sites…