CVE-2025-47241 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In browser-use (aka Browser Use) before 0.1.45, URL parsing of allowed_domains is mishandled because userinfo can be placed in the authority component.
Medium CVSS: 4.0

CVE-2025-47241

In browser-use (aka Browser Use) before 0.1.45, URL parsing of allowed_domains is mishandled because userinfo can be placed in the authority component.
Vendor
-
Product
-
CWE
CWE-647
Yayın Tarihi
2025-05-03 21:15:48
Güncelleme
2025-05-05 20:54:19
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-647 MEDIUM 2025

Referanslar

https://github.com/browser-use/browser-use/pull/1561 https://github.com/browser-use/browser-use/releases/tag/0.1.45 https://github.com/browser-use/browser-use/security/advisories/GHSA-x39x-9qw5-ghrf