N/A

On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site's origin on the OS-provided file selector dialog when a site prompts the user to upload or download a file. However the origin was not correctly inferred in some cases. When combined with an open redirector vulnerability on a trusted site, this could allow a malicious site to initiate a download whose origin in the file select dialog appears as the trusted site which initiated the redirect.

N/A

N/A

Brave Browser 输入验证错误漏洞

Brave Browser是Brave公司的一款适用于 PC、Mac 和移动设备的快速、私密且安全的网络浏览器。 Brave Browser 1.70.x版本至1.73.x版本存在输入验证错误漏洞，该漏洞源于在某些情况下文件选择对话框中站点来源未被正确识别，可能会允许恶意站点启动下载。

N/A

N/A