Incomplete display of URL could lead to address bar spoofing.
RISK LEVEL: Medium
FIX: A fix has been released in the automatic update channel since 13th April, 2022. No user action is required.
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number.
This issue was reported to F-Secure through the Vulnerability Reward Program. No known exploit or attack has been seen in the wild.
F-Secure Corporation would like to thank Kirtikumar Anandrao Ramchandani for bringing this issue to our attention.
Date Issued: 2022-04-14