2 matches found
CVE-2020-7364
CVE-2020-7364 is a UI-based spoofing vulnerability in UCWeb UC Browser (Android) affecting version 13.0.8 and earlier. The root cause is a misrepresentation in the address bar, enabling an attacker to obfuscate the true source of data via JavaScript timing tricks, potentially causing a pop-up or ...
CVE-2020-7363
CVE-2020-7363 affects UCWeb UC Browser versions 13.0.8 and earlier, enabling UI/address-bar spoofing through JavaScript timing tricks that can mislead users about the page origin. Exploitation requires visiting a page hosting executable JavaScript; it can trigger in-browser content or popups that...