An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. Now the user must manually navigate to the URL.
References
Link | Resource |
---|---|
https://hackerone.com/reports/1946534 | Exploit Issue Tracking |
https://hackerone.com/reports/1946534 | Exploit Issue Tracking |
Configurations
History
21 Nov 2024, 07:54
Type | Values Removed | Values Added |
---|---|---|
References | () https://hackerone.com/reports/1946534 - Exploit, Issue Tracking |
10 Jul 2023, 18:03
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://hackerone.com/reports/1946534 - Exploit, Issue Tracking | |
First Time |
Brave browser
Brave |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
CWE | CWE-601 | |
CPE | cpe:2.3:a:brave:browser:*:*:*:*:*:*:*:* |
01 Jul 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-01 00:15
Updated : 2024-11-21 07:54
NVD link : CVE-2023-28364
Mitre link : CVE-2023-28364
CVE.ORG link : CVE-2023-28364
JSON object : View
Products Affected
brave
- browser
CWE
CWE-601
URL Redirection to Untrusted Site ('Open Redirect')