CVE-2019-6251

Source
Severity Medium
Remote Yes
Type Content spoofing
Description
embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allows address bar spoofing because a page load triggered by JavaScript leads to updating an address as if it were triggered by a safer visit type (e.g., VISIT_LINK, VISIT_TYPED, VISIT_BOOKMARK, or VISIT_HOMEPAGE). This is similar to the CVE-2018-8383 issue in Microsoft Edge.
Group Package Affected Fixed Severity Status Ticket
AVG-851 epiphany 3.32.0-1 Medium Vulnerable
References
https://gitlab.gnome.org/GNOME/epiphany/issues/532