CVE-2020-7369
published 2020-10-20CVE-2020-7369: Yandex Browser Address Bar Spooofing User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser…
medium4.3CVSS 3.1
AVNACLPRNUIRSUCLINAN
EPSS
0.98%
57.8th percentile
Yandex Browser Address Bar Spooofing
User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Yandex Browser version 20.8.3 and prior versions, and was fixed in version 20.8.4 released October 1, 2020.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yandex | yandex_browser | 20.8.3 – 20.8.3 | — |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
cvelistv54.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-10-20
Published