CVE-2025-69235

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment.

high 7.5 CVSS 3.1
Published: Dec 30, 2025
Modified: Jan 13, 2026
Vendor: Navercorp
Product: Whale

Description

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment.

References

Related CVEs

CVE-2025-69234 critical · 9.1
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.