exploitDog

GHSA-25hr-xcqp-fjjc

Опубликовано: 05 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.

Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.

Ссылки

EPSS

Процентиль: 58%

0.00365

Низкий

7.5 High

CVSS3

CVE ID

Связанные уязвимости

CVE-2023-42580

CVSS3: 7.5

nvd

больше 1 года назад

Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.

EPSS

Процентиль: 58%

0.00365

Низкий

7.5 High

CVSS3

CVE ID