URL Spoofing Vulnerability in Apple Safari and Microsoft Edge |
Thursday, 13 September 2018 12:00 |
A vulnerability was reported in the Microsoft Edge web browser for Windows and Apple Safari for iOS. Both browsers allowed javascript to update the address bar while the page was still loading. Thus, attackers may be able to conduct phishing attacks through address bar spoofing. Microsoft Edge was patched last month with Microsoft monthly security updates, but Safari is still unpatched at the time of this entry.
|