← Back to CVE List

CVE-2021-40835

Published: 2021-12-16T11:15Z
Last Modified: 2024-11-21T06:24Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. When user clicks on a specially crafted a malicious URL, if user does not carefully pay attention to url, user may be tricked to think content may be coming from a valid domain, while it comes from another. This is performed by using a very long username part of the url so that user cannot see the domain name. A remote attacker can leverage this to perform url address bar spoofing attack. The fix is, browser no longer shows the user name part in address bar. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt