Due to lack of proper authorization... CVE-2023-6542

- AV AC AU C I A
发布: 2023-12-12
修订: 2023-12-18

Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly from the host application. On successful attack, an attacker could navigate to arbitrary URL including application deep links on the device.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息