2 matches found
CVE-2018-1000815
Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains a Other/Unknown vulnerability in function ContentSettingsObserver::AllowScript in contentsettingsobserver.cc that can result in Websites can run inline JavaScript even if script is blocked, making attackers easier to track user...
CVE-2018-1000815
Brave 0.22.810–0.24.0 contains a vulnerability in ContentSettingsObserver::AllowScript() that could allow inline JavaScript to run even when blocked. Impact is user tracking risk when visiting a crafted site. The issue is fixed in Brave 0.25.2. Exploitation details are not provided in the availab...