Home

Description

Whale browser before 3.26.244.21 allows an attacker to execute malicious JavaScript due to improper sanitization when processing a built-in extension.

PUBLISHED Reserved 2024-07-08 | Published 2024-07-11 | Updated 2024-08-02 | Assigner naver

Problem types

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Product status

Default status
affected

3.26.244.21
unaffected

Credits

James Dean (YSK) finder

References

cve.naver.com/detail/cve-2024-40618.html (NAVER Security Advisory) vendor-advisory

cve.org (CVE-2024-40618)

nvd.nist.gov (CVE-2024-40618)

Download JSON