exploitDog

GHSA-q22c-8w9v-qg6w

Опубликовано: 16 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 7.4

Описание

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site.

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site.

Ссылки

EPSS

Процентиль: 8%

0.0003

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-1021

Связанные уязвимости

CVE-2025-15032

CVSS3: 7.4

nvd

23 дня назад

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site.

EPSS

Процентиль: 8%

0.0003

Низкий

7.4 High

CVSS3

CVE ID

Дефекты

CWE-1021