Description
User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the RITS Browser version 3.3.9 and prior versions.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html
Exploit, Mitigation, Third Party Advisory x_refsource_misc
https://blog.rapid7.com/2020/10/20/vulntober-multiple-mobile-browser-address-bar-spoofing-vulnerabilities/
Scores
CVSS v3
4.3
EPSS
0.0098
EPSS Percentile
57.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Details
CWE
CWE-451
CWE-1021
Status
published
Products (1)
raiseitsolutions/rits_browser
< 3.3.9
Published
Oct 20, 2020
Tracked Since
Feb 18, 2026