Safari, other mobile browsers affected by address bar spoofing flaws
Rafay Baloch has discovered address bar spoofing vulnerabilities in several mobile browsers, including Safari and Opera Mini/Touch.
Rafay Baloch has discovered address bar spoofing vulnerabilities in several mobile browsers, including Safari and Opera Mini/Touch.
A vulnerability in Google’s Chromium-based browsers would allow attackers to bypass the Content Security Policy (CSP) on websites, in order to steal data and execute rogue code. The bug (CVE-2020-6519) is found in Chrome, Opera and Edge, on Windows, Mac and Android – potentially affecting billions of web users.
NSS Labs released the results of its web browser security test after testing Chrome, Edge, Mozilla Firefox, and Opera, for phishing and malware protection.
