Iframe Escape Vulnerability in Whale Browser by NAVER
CVE-2025-62583

Currently unrated

Key Information:

Vendor

Naver

Status
Naver Whale Browser
Vendor
CVE Published:
16 October 2025

What is CVE-2025-62583?

In Whale Browser versions prior to 4.33.325.17, an attacker may exploit a vulnerability that allows them to escape the iframe sandbox in dual-tab configurations. This security flaw can lead to unauthorized access to sensitive information and allows malicious content to interact with the user’s session. Users of Whale Browser are advised to update to the latest version to protect against this vulnerability.

Affected Version(s)

NAVER Whale browser 4.33.325.17

References

https://cve.naver.com/detail/cve-2025-62583.html
vendor-advisory

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Mingi Jung, [email protected], Ulsan National Institute of Science and Technology-Web Sec Lab
JSON
.
CVE-2025-62583 : Iframe Escape Vulnerability in Whale Browser by NAVER