HTTP Auth phishing warning was omitted when a redirect is cached - CVE-2021-23972ID: oval:org.secpod.oval:def:69329 | Date: (C)2021-02-24 (M)2024-03-27 |
Class: VULNERABILITY | Family: windows |
Mozilla Firefox 86: One phishing tactic on the web is to provide a link with HTTP Auth. For example https://www.phishingtarget.com@evil.com
. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached by the browser.
Platform: |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Microsoft Windows Server |