CVE-2021-33596

LOW

F-Secure Safe Browser for iOS - Open Redirect

Title source: llm

Description

Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL containing an embedded malicious redirect while using F-Secure Safe Browser for iOS.

References (3)

[Vendor Advisory] https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame

[Vendor Advisory] https://www.f-secure.com/en/business/support-and-downloads/security-advisories

[Vendor Advisory] https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33596

Scores

CVSS v3 3.5

EPSS 0.0027

EPSS Percentile 50.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Details

CWE

CWE-1021

Status published

Products (1)

f-secure/safe < 18.4.272901

Published Aug 05, 2021

Tracked Since Feb 18, 2026