CVE-2015-3830

MEDIUM

Android - SSRF

Title source: llm

Description

The stock Android browser address bar in all Android operating systems suffers from Address Bar Spoofing, which allows remote attackers to trick a victim by displaying a malicious page for legitimate domain names.

References (2)

[Third Party Advisory] https://github.com/CHEF-KOCH/Android-Vulnerabilities-Overview/blob/master/2015.md

[Exploit, Third Party Advisory] https://jsfiddle.net/dy4swq4o/

Scores

CVSS v3 6.5

EPSS 0.0016

EPSS Percentile 37.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE

CWE-20

Status published

Products (2)

google/android

n/a/n/a

Published Jun 06, 2017

Tracked Since Feb 18, 2026