cbcvebase.
CVE-2020-7369
published 2020-10-20

CVE-2020-7369: Yandex Browser Address Bar Spooofing User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser…

medium4.3CVSS 3.1
AVNACLPRNUIRSUCLINAN
EPSS
0.98%
57.8th percentile
Yandex Browser Address Bar Spooofing User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Yandex Browser version 20.8.3 and prior versions, and was fixed in version 20.8.4 released October 1, 2020.

Affected

1 ranges
VendorProductVersion rangeFixed in
yandexyandex_browser20.8.3 – 20.8.3

CVSS provenance

nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
cvelistv54.3MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.