Description

In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-site navigation using this method.

INFO

Published Date :

2025-10-30T23:29:44.075Z

Last Modified :

2025-10-31T14:48:00.254Z

Source :

hackerone
AFFECTED PRODUCTS

The following products are affected by CVE-2025-48980 vulnerability.

Vendors Products
Brave
  • Brave
  • Brave Browser
  • Browser
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-48980.

URL Resource
https://hackerone.com/reports/3253725 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact