CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
58.5%
iCab 2.9.8 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the “Dialog Origin Spoofing Vulnerability.”
Vendor | Product | Version | CPE |
---|---|---|---|
alexander_clauss | icab | 2.9.8 | cpe:2.3:a:alexander_clauss:icab:2.9.8:*:*:*:*:*:*:* |