CVE-2025-69234

Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.

critical 9.1 CVSS 3.1
Published: Dec 30, 2025
Modified: Jan 13, 2026
Vendor: Navercorp
Product: Whale

Description

Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.

References

Related CVEs

CVE-2025-69235 high · 7.5
Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment.