CVEs-PoC/2021/CVE-2021-33596.md

### [CVE-2021-33596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33596)
![](https://img.shields.io/static/v1?label=Product&message=F-Secure%20Mobile%20Security&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=18.3x%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Fake%20Apple%20login%20prompt%20in%20F-Secure%20SAFE%20browser%20for%20iOS&color=brightgreen)

### Description

Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL containing an embedded malicious redirect while using F-Secure Safe Browser for iOS.

### POC

#### Reference
- https://www.f-secure.com/en/business/support-and-downloads/security-advisories

#### Github
No PoCs found on GitHub currently.