A URL validation issue in WhatsApp for Android prior to v2.20.11 and WhatsApp Business for Android prior to v2.20.2 could have caused the recipient of a sticker message containing deliberately malformed data to load an image from a sender-controlled URL without user interaction.
CPE | Name | Operator | Version |
---|---|---|---|
lt | 2.20.11 | ||
whatsapp_business | lt | 2.20.2 |