PT-2023-21674 · Brave · Brave Browser

Roland_Hack

Publicado

2023-06-30

Atualizado

2023-07-10

CVE-2023-28364

CVSS v3.1

6.1

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Brave Browser Android versions prior to 1.52.117

Description An Open Redirect issue exists where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. Now, the user must manually navigate to the URL.

Recommendations For versions prior to 1.52.117, update to version 1.52.117 or later to resolve the issue. As a temporary workaround, consider disabling the automatic navigation feature of the QR scanner until the update is applied.

Exploit

Correção

Open Redirect

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-601

Identificadores relacionados

CVE-2023-28364

Produtos afetados

Brave Browser

PT-2023-21674 · Brave · Brave Browser

CVE-2023-28364

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5