PT-2026-60208 · Zen Browser · Rdesktop

Publicado

2026-07-15

·

Atualizado

2026-07-15

·

CVE-2026-45150

CVSS v4.0

6.3

Média

VetorAV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N
Zen is a firefox-based browser. Prior to 1.19.13b, Zen Browser did not provide a persistent, clearly visible security notification when a webpage entered fullscreen mode, allowing an attacker-controlled page to hide the real browser UI and origin information, imitate a trusted website UI, and combine with long-domain URL eliding to spoof a trusted origin for phishing and credential theft. This issue is fixed in version 1.19.13b.

Exploit

Correção

UI Misrepresentation of Critical Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-45150

Produtos afetados

Rdesktop