CVE-2016-8503

EUVD-2016-9351
Yandex Protect Anti-phishing warning in Yandex Browser for desktop from version 16.7 to 16.9 could be used by remote attacker for brute-forcing passwords from important web-resource with special JavaScript.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
yandexyandex_browser
16.7.0.3342
yandexyandex_browser
16.7.1.20808
yandexyandex_browser
16.9.1.1131
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/93921
https://browser.yandex.com/security/changelogs/
http://www.securityfocus.com/bid/93921
https://browser.yandex.com/security/changelogs/