PT-2025-52488 · Unknown · Arcsearch For Android
Published
2025-12-19
·
Updated
2025-12-19
·
CVE-2025-14809
CVSS v3.1
7.4
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
ArcSearch for Android versions prior to 1.12.6
Description
ArcSearch for Android versions prior to 1.12.6 could display a different domain in the address bar than the content being shown, potentially enabling address bar spoofing after user interaction with specially crafted web content. This issue allows an attacker to deceive a user by presenting a misleading domain name in the address bar while displaying content from a different, potentially malicious, source.
Recommendations
Update ArcSearch for Android to version 1.12.6 or later.
Fix
Clickjacking
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Arcsearch For Android