GHSA-mmjg-x39c-438qHighCVSS 6.5
Idira Identity Browser Extension (Chrome, Firefox, and Edge builds) versions prior to 26.8.1...
🔗 CVE IDs covered (1)
📋 Description
Idira Identity Browser Extension (Chrome, Firefox, and Edge builds) versions prior to 26.8.1 exhibit an origin validation flaw within its internal web-page verification routines. If an authenticated user navigates to a specially crafted webpage, this interaction could potentially allow a remote attacker to trigger unauthorized application interaction or execution parameters within the context of that authenticated browser session. CyberArk Security Bulletin: CA26-21