Описание
Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attackers to trick a victim by displaying a malicious page for legitimate domain names.
Ссылки
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Broken Link
- ExploitVendor Advisory
- Third Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- Broken Link
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.18 (исключая)Версия до 1.9.56 (исключая)
Одно из
cpe:2.3:a:brave:browser:*:*:*:*:*:iphone_os:*:*
cpe:2.3:a:brave:browser:*:*:*:*:*:android:*:*
EPSS
Процентиль: 79%
0.01211
Низкий
4.7 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-451
CWE-79
Связанные уязвимости
CVSS3: 4.7
debian
почти 9 лет назад
Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and e ...
CVSS3: 4.7
github
больше 3 лет назад
Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attackers to trick a victim by displaying a malicious page for legitimate domain names.
EPSS
Процентиль: 79%
0.01211
Низкий
4.7 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-451
CWE-79