Content Security Policy Bypass in Whale Browser by NAVER
CVE-2025-62585

Currently unrated

Key Information:

Vendor

Naver

Status
Naver Whale Browser
Vendor
CVE Published:
16 October 2025

What is CVE-2025-62585?

A vulnerability exists in the Whale browser that allows an attacker to bypass the Content Security Policy through a specific scheme in a dual-tab environment. This flaw could enable malicious actions, potentially compromising the integrity and security of web applications viewed through the browser.

Affected Version(s)

NAVER Whale browser 4.33.325.17

References

https://cve.naver.com/detail/cve-2025-62585.html
vendor-advisory

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Mingi Jung, [email protected], Ulsan National Institute of Science and Technology-Web Sec Lab
JSON
.
CVE-2025-62585 : Content Security Policy Bypass in Whale Browser by NAVER