exploitDog

GHSA-95m4-cmvc-pjh9

Опубликовано: 05 дек. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.

Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.

Ссылки

EPSS

Процентиль: 52%

0.00291

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2023-42581

CVSS3: 7.5

nvd

около 2 лет назад

Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.

EPSS

Процентиль: 52%

0.00291

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-20