CVE-2022-24073
HIGHWhale < 3.12.129.18 - Unauthenticated URL Redirection via Web Request API
Title source: llmDescription
The Web Request API in Whale browser before 3.12.129.18 allowed to deny access to the extension store or redirect to any URL when users access the store.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://cve.naver.com/detail/cve-2022-24073
Scores
CVSS v3
7.1
EPSS
0.0056
EPSS Percentile
41.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Details
CWE
CWE-648
Status
published
Products (1)
navercorp/whale
< 3.12.129.18
Published
Mar 17, 2022
Tracked Since
Feb 18, 2026