Xiaomi has trouble permanently patching its browsers against a vulnerability that enables spoofing URLs in a way that is difficult to detect by users. The flaw affects the international versions of Mint Browser and Mi, the web browser that comes pre-installed on Xiaomi smartphones. It was patched and re-patched, and yet it still persists in the two products that are present on millions of devices. Xiaomi’s Mint Browser has over 500,000 installs on Google Play, but Mi is likely not the browser of choice of as many users.
Source: https://www.bleepingcomputer.com/news/security/xiaomi-browsers-still-vulnerable-after-failed-patches/