Vulnerability Details CVE-2021-33596
Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL containing an embedded malicious redirect while using F-Secure Safe Browser for iOS.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.9%
CVSS Severity
CVSS v3 Score 3.5
CVSS v2 Score 3.5
References
- https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame
- https://www.f-secure.com/en/business/support-and-downloads/security-advisories
- https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33596
- https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame
- https://www.f-secure.com/en/business/support-and-downloads/security-advisories
- https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33596
Products affected by CVE-2021-33596
-
cpe:2.3:a:f-secure:safe:-
-
cpe:2.3:a:f-secure:safe:17.7.260301
-
cpe:2.3:a:f-secure:safe:17.8.264411
-
cpe:2.3:a:f-secure:safe:18.3
-
cpe:2.3:a:f-secure:safe:18.3.272103