Description
The Web Request API in Whale browser before 3.12.129.18 allowed to deny access to the extension store or redirect to any URL when users access the store.
Scores
CVSS v3
7.1
EPSS
0.0019
EPSS Percentile
41.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Details
CWE
CWE-648
Status
published
Products (1)
navercorp/whale
< 3.12.129.18
Published
Mar 17, 2022
Tracked Since
Feb 18, 2026