Описание
Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_controller_factory.cc.
Ссылки
- Issue TrackingPatch
- Issue TrackingPatch
- Issue TrackingPatch
- Patch
- Issue TrackingPatch
- Issue TrackingPatch
- Issue TrackingPatch
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 1.59.40 (исключая)
cpe:2.3:a:brave:browser:*:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.00074
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 6.1
debian
около 2 лет назад
Brave Browser before 1.59.40 does not properly restrict the schema for ...
CVSS3: 6.1
github
около 2 лет назад
Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_controller_factory.cc.
EPSS
Процентиль: 22%
0.00074
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601