CVE-2025-13132

High CVSS: 7.4

This vulnerability allowed a site to enter fullscreen, after a user click, without a full-screen notification (toast) appearing. Without this notification, users could potentially be misled about what site they were on if a malicious site renders a fake UI (like a fake address bar.)

Vendor

Product

CWE

CWE-1021

Yayın Tarihi

2025-11-21 18:15:48

Güncelleme

2025-11-25 22:16:42

Source Identifier

59469e6c-7ea7-446f-8e43-06aa32c115e8

KEV Date Added

Kategoriler

CWE-1021 HIGH 2025

Referanslar

https://www.diabrowser.com/security/bulletins#CVE-2025-13132