PT-2025-27863 · Unknown · Whale Browser
Un3Xploitable
·
Published
2025-07-04
·
Updated
2025-07-09
·
CVE-2025-53599
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Whale browser for iOS versions prior to 3.9.1.4206
Description:
The issue allows an attacker to execute malicious scripts in the browser via a crafted JavaScript scheme. This can be achieved by manipulating a specific JavaScript scheme.
Recommendations:
For versions prior to 3.9.1.4206, update to version 3.9.1.4206 or later to resolve the issue. As a temporary workaround, consider restricting the use of JavaScript schemes in the browser until the update is applied.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Whale Browser