exploitDog

GHSA-q3ph-6xgh-hmgq

Опубликовано: 27 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

Ссылки

EPSS

Процентиль: 58%

0.00362

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-20

CWE-79

Связанные уязвимости

CVE-2023-21516

CVSS3: 7.5

nvd

больше 2 лет назад

XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

EPSS

Процентиль: 58%

0.00362

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-20

CWE-79