F-Secure Safe Browser Address Bar clickjacking

A vulnerability, which was classified as critical, has been found in F-Secure Safe Browser (unknown version). This issue affects some unknown processing of the component Address Bar Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field05/12/2022 04:25 PM05/14/2022 05:56 PM05/14/2022 06:04 PM
vendorF-SecureF-SecureF-Secure
nameSafe BrowserSafe BrowserSafe Browser
componentAddress Bar HandlerAddress Bar HandlerAddress Bar Handler
cwe451 (privilege escalation)451 (privilege escalation)451 (privilege escalation)
risk111
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiRRR
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_vuldb_rcCCC
urlhttps://www.f-secure.com/en/home/support/security-advisories/cve-2022-28873https://www.f-secure.com/en/home/support/security-advisories/cve-2022-28873https://www.f-secure.com/en/home/support/security-advisories/cve-2022-28873
cveCVE-2022-28873CVE-2022-28873CVE-2022-28873
cve_assigned164936880016493688001649368800
date1652306400 (05/12/2022)1652306400 (05/12/2022)1652306400 (05/12/2022)
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss2_vuldb_basescore7.57.57.5
cvss2_vuldb_tempscore7.57.57.5
cvss3_vuldb_basescore6.36.36.3
cvss3_vuldb_tempscore6.36.36.3
cvss3_meta_basescore6.36.35.3
cvss3_meta_tempscore6.36.35.3
price_0day$0-$5k$0-$5k$0-$5k
cve_nvd_summaryA vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks.A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks.
cvss3_cna_avN
cvss3_cna_acL
cvss3_cna_prH
cvss3_cna_uiR
cvss3_cna_sU
cvss3_cna_cL
cvss3_cna_iL
cvss3_cna_aL
cve_cnaF-Secure
cvss3_cna_basescore4.3

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!