CVE-2021-40835

CVE-2021-40835

An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. When user clicks on a specially crafted a malicious URL, if user does not carefully pay attention to url, user may be tricked to think content may be coming from a valid domain, while it comes from another. This is performed by using a very long username part of the url so that user cannot see the domain name. A remote attacker can leverage this to perform url address bar spoofing attack. The fix is, browser no longer shows the user name part in address bar.

Source: CVE-2021-40835

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다