Denial of Service Vulnerability in GNOME Web (Epiphany) through 3.28.2.1

Denial of Service Vulnerability in GNOME Web (Epiphany) through 3.28.2.1

CVE-2018-11396 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.

Learn more about our Web App Pen Testing.