CVE-2025-53599
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-04
Last updated on: 2025-10-01
Assigner: Naver Corporation
Description
Description
Whale browser for iOS before 3.9.1.4206 allow an attacker to execute malicious scripts in the browser via a crafted javascript scheme.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| navercorp | whale | to 3.9.1.4206 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Whale browser for iOS versions before 3.9.1.4206 allows an attacker to execute malicious scripts within the browser by using a specially crafted JavaScript scheme.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could run malicious scripts in your browser, potentially leading to unauthorized actions such as stealing sensitive information, session hijacking, or other malicious activities within the browser context.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70