Home

Description

Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.

PUBLISHED Reserved 2021-01-15 | Published 2025-05-21 | Updated 2025-05-21 | Assigner yandex




MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-116 Improper Encoding or Escaping of Output

Product status

Default status
unaffected

21.3.0 (custom)
affected

Credits

Kirtikumar Anandrao Ramchandani finder

References

yandex.com/bugbounty/i/hall-of-fame-browser/

cve.org (CVE-2021-25262)

nvd.nist.gov (CVE-2021-25262)

Download JSON