CVE-2023-52263

MEDIUM WAF: Medium

CVSS 6.1 Published: 2023-12-30

CWE-601

Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_controller_factory.cc.

WAF Coverage Analysis

Open Redirect Medium WAF Coverage

OWASP: A01:2021 Broken Access Control

941xxx - XSS / XXE

Affected Software

Vendor	Product	Version
brave	browser	up to 1.59.40

References

github.com (Issue Tracking, Patch)
github.com (Issue Tracking, Patch)
github.com (Issue Tracking, Patch)
github.com (Patch)

Back to CVE Database