Whale Browser Content Security Policy Bypass Vulnerability

Vulnerability

A vulnerability in Whale browser versions prior to 4.33.325.17 allows attackers to bypass the Content Security Policy. This issue arises in a dual-tab environment, where a specific scheme can be exploited to circumvent security measures.

Impact

Exploitation of this vulnerability allows for the bypass of Content Security Policy, potentially leading to the execution of malicious scripts or the loading of harmful resources.

Added: Oct 16, 2025, 7:17 AM

Updated: Oct 16, 2025, 2:37 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

0.6

exploitability

4.4

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

0.6

exploitability

4.4

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Whale Browser Content Security Policy Bypass Vulnerability

Vulnerability

Impact

Affected Products

NAVER Whale

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating