CVE-2023-28364

2023-06-3023:20:12

hackerone

www.cve.org

cve-2023-28364

qr scanner

url navigation

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

30.3%

JSON

An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. Now the user must manually navigate to the URL.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "vendor": "Brave Software",
    "product": "Brave Browser Android",
    "versions": [
      {
        "version": "1.52.117",
        "status": "affected",
        "lessThan": "1.52.117",
        "versionType": "semver"
      }
    ]
  }
]

References

hackerone.com/reports/1946534