N/A

Whale Bridge, a default extension in Whale browser before 3.12.129.18, allowed to receive any SendMessage request from the content script itself that could lead to controlling Whale Bridge if the rendering process compromises.

N/A

将资源暴露给错误范围

Naver Whale Browser 安全漏洞

Naver Whale Browser是韩国Naver公司的一款支持用户自定义界面的网页浏览器。 Naver Whale Browser 3.12.129.18 之前存在安全漏洞，该漏洞源于 Whale 浏览器中的默认扩展允许接收来自内容脚本本身的任何 SendMessage 请求。

N/A

N/A