CVE-2023-29459 in FC Red Bull Salzburg AppИнформация

Сводка

по MITRE • 26.06.2023

The laola.redbull application through 5.1.9-R for Android exposes the exported activity at.redbullsalzburg.android.AppMode.Default.Splash.SplashActivity, which accepts a data: URI. The target of this URI is subsequently loaded into the application's webview, thus allowing the loading of arbitrary content into the context of the application. This can occur via the fcrbs schema or an explicit intent invocation.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Резервировать

06.04.2023

Раскрытие

26.06.2023

Модерация

принято

Вход

VDB-230650

Эксплойт

Скачать

EPSS

0.00649

KEV

Нет

Деятельности

Очень низкий

Источники

Do you need the next level of professionalism?

Upgrade your account now!