Brave Software: XSS on internal: privileged origin through reader mode

A vulnerability in Brave iOS versions 1.32.3 and higher allowed for XSS attacks on the privileged origin internal://local through the combination of two weaknesses. The first weakness was the exposure of uuidKey through the REFERER header due to the lack of referrer header protection in the...