URL spoofing in browsers Xiaomi
Vulnerability refers to pre-installed on devices Xiaomi browser Mi 10.5.6, as well as the global version of Mint Browser 1.5.3.
The essence of the bug is that browsers display the URL incorrectly if it contains the “q” parameter .
For example, a link like “ https://www.andmp.com/?q=www.google.com“ will be displayed as in the specified browsers “ www.google.com“.
Most likely, the developers implemented the ability to display search queries directly in the address bar, but did not take into account the consequences.