Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2023-42471
HistorySep 11, 2023 - 12:00 a.m.

CVE-2023-42471

2023-09-1100:00:00
mitre
www.cve.org
1
wave.ai.browser
remote code execution
manifest entry
webview component
intent validation
security vulnerability

AI Score

9.3

Confidence

High

EPSS

0.01

Percentile

83.8%

JSON

The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web content and doesn’t adequately validate or sanitize the URI or any extra data passed in the intent by a third party application (with no permissions).

Related

nvd 1
prion 1
cve 1
githubexploit 1
nvd
nvd
CVE-2023-42471
2023-09-11 08:15:07
prion
prion
Design/Logic Flaw
2023-09-11 08:15:00
cve
cve
CVE-2023-42471
2023-09-11 08:15:07
githubexploit
githubexploit
Exploit for CVE-2023-34761
2023-01-21 01:57:05

AI Score

9.3

Confidence

High

EPSS

0.01

Percentile

83.8%

JSON
Related for CVELIST:CVE-2023-42471
nvd1prion1cve1githubexploit1