4 matches found
CVE-2020-5604
Android App 'Mercari' Japan version prior to version 3.52.0 allows arbitrary method execution of a Java object by a remote attacker via a Man-In-The-Middle attack by using Java Reflection API of JavaScript code on WebView...
CVE-2020-5604
Android App 'Mercari' Japan version prior to version 3.52.0 allows arbitrary method execution of a Java object by a remote attacker via a Man-In-The-Middle attack by using Java Reflection API of JavaScript code on WebView...
CVE-2020-5604
Android App 'Mercari' Japan version prior to version 3.52.0 allows arbitrary method execution of a Java object by a remote attacker via a Man-In-The-Middle attack by using Java Reflection API of JavaScript code on WebView...
CVE-2020-5604
CVE-2020-5604 affects the Android App “Mercari” (Japan version) prior to version 3.52.0. The vulnerability arises from inadequate restrictions on addJavascriptInterface in WebView, enabling a remote attacker to trigger arbitrary Java method execution via Java Reflection API from JavaScript code o...