CVE-2025-62585

Summary

Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dual-tab environment.

Affected Software

VendorProductVersion RangeStatus
NAVERNAVER Whale browser4.33.325.17unaffected

Weaknesses

  • CWE-358: CWE-358 Improperly Implemented Security Check for Standard

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References