exploitDog

GHSA-p7fx-m2v4-mhhw

Опубликовано: 14 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 8.3

Описание

Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens.

Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens.

Ссылки

EPSS

Процентиль: 26%

0.00091

Низкий

8.3 High

CVSS4

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2025-27388

nvd

6 месяцев назад

Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens.

EPSS

Процентиль: 26%

0.00091

Низкий

8.3 High

CVSS4

CVE ID

Дефекты

CWE-20