CVE-2016-9473
N/A
N/A
Summary
Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attackers to trick a victim by displaying a malicious page for legitimate domain names.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Brave Software Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier | Brave Software Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier | affected |
Weaknesses
- CWE-451: User Interface (UI) Misrepresentation of Critical Information (CWE-451)
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/brave/browser-ios/pull/504
- https://cxsecurity.com/issue/WLB-2017010042
- https://hackerone.com/reports/175958
- http://www.securityfocus.com/bid/97155
References
- https://github.com/brave/browser-ios/pull/504
- https://cxsecurity.com/issue/WLB-2017010042
- https://hackerone.com/reports/175958
- http://www.securityfocus.com/bid/97155
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.