HTTP Auth phishing warning was omitted when a redirect is cached - CVE-2021-23972ID: oval:org.secpod.oval:def:69316 | Date: (C)2021-02-24 (M)2023-12-20 |
Class: VULNERABILITY | Family: macos |
Mozilla Firefox 86 : One phishing tactic on the web is to provide a link with HTTP Auth. For example https://www.phishingtarget.com@evil.com
. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached by the browser.
Platform: |
Apple Mac OS 14 |
Apple Mac OS 13 |
Apple Mac OS 12 |
Apple Mac OS X 10.10 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.15 |
Apple Mac OS 11 |