Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2020-7370
PUBLISHED
More InfoOfficial Page
Assigner-rapid7
Assigner Org ID-9974b330-7714-4307-a722-5648477acda7
View Known Exploited Vulnerability (KEV) details
Published At-20 Oct, 2020 | 16:40
Updated At-16 Sep, 2024 | 17:08
Rejected At-
▼CVE Numbering Authority (CNA)
Danyil Vasilenko Bolt Browser Address Bar Spooofing

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of Danyil Vasilenko's Bolt Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Bolt Browser version 1.4 and prior versions.

Affected Products
Vendor
Danyil Vasilenko
Product
Bolt Browser
Versions
Affected
  • From 1.4 through 1.4 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-451CWE-451 User Interface (UI) Misrepresentation of Critical Information
Type: CWE
CWE ID: CWE-451
Description: CWE-451 User Interface (UI) Misrepresentation of Critical Information
Metrics
VersionBase scoreBase severityVector
3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
This issue was discovered by Rafay Baloch, and disclosed in accordance with Rapid7's coordinated vulnerability disclosure policy at https://www.rapid7.com/security/disclosure#zeroday
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html
x_refsource_MISC
https://blog.rapid7.com/2020/10/20/vulntober-multiple-mobile-browser-address-bar-spoofing-vulnerabilities/
x_refsource_MISC
Hyperlink: https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html
Resource:
x_refsource_MISC
Hyperlink: https://blog.rapid7.com/2020/10/20/vulntober-multiple-mobile-browser-address-bar-spoofing-vulnerabilities/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html
x_refsource_MISC
x_transferred
https://blog.rapid7.com/2020/10/20/vulntober-multiple-mobile-browser-address-bar-spoofing-vulnerabilities/
x_refsource_MISC
x_transferred
Hyperlink: https://www.rafaybaloch.com/2020/10/multiple-address-bar-spoofing-vulnerabilities.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://blog.rapid7.com/2020/10/20/vulntober-multiple-mobile-browser-address-bar-spoofing-vulnerabilities/
Resource:
x_refsource_MISC
x_transferred
Details not found