Avant Browser Address Bar Spoofing Vulnerability

Summary
This host is installed with Avant Browser and is prone to Address Bar Spoofing vulnerability.
Impact
Successful exploitation lets the attackers to spoof parts of the address bar and modify page content on a host that a user may consider partly trusted. Impact Level: Application
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Insight
Address bar can be spoofed via 'window.open()' with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containing that page.
Affected
Avant Browser version 11.7 Build 35 and 36 on Windows.
References