Dia Browser Fullscreen Spoofing Vulnerability
Vulnerability
A vulnerability in Dia Browser on macOS versions prior to 1.6 allows websites to enter fullscreen mode without displaying a notification. Without that warning, users could be misled about which site they are viewing, especially if a malicious site draws a fake user interface, such as a counterfeit address bar. In versions 1.6 and later, the browser correctly notifies users when a site enters fullscreen, thereby mitigating the risk of spoofing.
Impact
Exploitation of this vulnerability increases the risk of user interface spoofing, potentially misleading users about which website they are viewing.
Remediation
Users are advised to update Dia Browser to version 1.6 or newer, which includes the necessary fix.
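One way to check an installed copy against the fixed version, as an added example that is not part of the advisory or the vendor's tooling. The bundle path /Applications/Dia.app and a dotted-numeric CFBundleShortVersionString are assumptions; the comparison is numeric per field so that 1.10 is not mistaken for an older release than 1.6.

```shell
#!/bin/sh
# Added example: flag Dia installs older than the fixed release.
FIXED_VERSION="1.6"                          # fixed version named in the advisory
DIA_APP="${DIA_APP:-/Applications/Dia.app}"  # assumed install path, override via env

# version_ge A B: succeed when dotted-numeric version A >= B.
# Fields compare as integers; missing fields count as 0 (1.6.0 == 1.6).
version_ge() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        case "$a" in *.*) a=${a#*.} ;; *) a= ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b= ;; esac
        # keep only the leading digits of each field (e.g. "6-beta" -> 6)
        fa=${fa%%[!0-9]*}; fb=${fb%%[!0-9]*}
        fa=${fa:-0}; fb=${fb:-0}
        [ "$fa" -gt "$fb" ] && return 0
        [ "$fa" -lt "$fb" ] && return 1
    done
    return 0
}

# dia_status VERSION: print "patched" or "vulnerable" for a version string.
dia_status() {
    if version_ge "$1" "$FIXED_VERSION"; then echo patched; else echo vulnerable; fi
}

# audit_dia: read the installed version from the app bundle (macOS only).
# Returns 0 if patched, 1 if vulnerable, 2 if the version cannot be read.
audit_dia() {
    plist="$DIA_APP/Contents/Info.plist"
    [ -f "$plist" ] || { echo "Dia not found at $DIA_APP"; return 2; }
    v=$(/usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$plist") || return 2
    echo "Dia $v: $(dia_status "$v")"
    [ "$(dia_status "$v")" = patched ]
}

# Run the audit only when asked, so the functions can also be sourced.
if [ "${1:-}" = "--audit" ]; then audit_dia; fi
```

Run it with `--audit` on the Mac being checked; the exit status makes it usable from a fleet-management compliance script.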
