Home

Description

Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment.

PUBLISHED Reserved 2025-10-16 | Published 2025-10-16 | Updated 2025-10-16 | Assigner naver

Problem types

CWE-346 Origin Validation Error

Product status

Default status
affected

4.33.325.17
unaffected

Credits

Mingi Jung, mingijung.grape@gmail.com, Ulsan National Institute of Science and Technology-Web Sec Lab finder

References

cve.naver.com/detail/cve-2025-62584.html (NAVER Security Advisory) vendor-advisory

cve.org (CVE-2025-62584)

nvd.nist.gov (CVE-2025-62584)

Download JSON