exploitDog

GHSA-6q4x-p962-hh53

Опубликовано: 27 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

Ссылки

EPSS

Процентиль: 40%

0.00183

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2023-21515

CVSS3: 7.5

nvd

больше 2 лет назад

InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

EPSS

Процентиль: 40%

0.00183

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-20