A security bypass vulnerability exists in Symantec Norton Mobile Security for Android before 3.16, which could let a malicious user conduct a man-in-the-middle via specially crafted JavaScript to add arbitrary URLs to the URL whitelist.
[
{
"product": "Norton Mobile Security for Android",
"vendor": "Symantec",
"versions": [
{
"status": "affected",
"version": "before 3.16"
}
]
}
]