CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 2CVE-2016-9473
https://notcve.org/view.php?id=CVE-2016-9473
Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attackers to trick a victim by displaying a malicious page for legitimate domain names. Brave Browser iOS en versiones anteriores a 1.2.18 y Brave Browser Android 1.9.56 y en versiones anteriores sufren de suplantación de barra de dirección completa, lo que permite a los atacantes engañar a una víctima mediante la visualización de una página maliciosa para nombres de dominio legítimos. • http://www.securityfocus.com/bid/97155 https://cxsecurity.com/issue/WLB-2017010042 https://github.com/brave/browser-ios/pull/504 https://hackerone.com/reports/175958 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-451: User Interface (UI) Misrepresentation of Critical Information •