Brave Browser before 1.59.40 does not properly restrict...
Moderate severity
Unreviewed
Published
Dec 30, 2023
to the GitHub Advisory Database
•
Updated Jan 18, 2024
Description
Published by the National Vulnerability Database
Dec 30, 2023
Published to the GitHub Advisory Database
Dec 30, 2023
Last updated
Jan 18, 2024
Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_controller_factory.cc.
References