Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:30 a.m.10 views

CVE-2023-27108

An issue was discovered in KaiOS 3.0. The pre-installed Communications application exposes a Web Activity that returns the user's call log without origin or permission checks. An attacker can inject a JavaScript payload that runs in a browser or app without user interaction or consent. This allow...

5.3CVSS6.8AI score0.00567EPSS
Exploits1References1
OSV
OSV
added 2023/05/01 10:15 p.m.6 views

CVE-2023-27108

An issue was discovered in KaiOS 3.0. The pre-installed Communications application exposes a Web Activity that returns the user's call log without origin or permission checks. An attacker can inject a JavaScript payload that runs in a browser or app without user interaction or consent. This allow...

5.3CVSS5.9AI score0.00567EPSS
Exploits1References2
CVE
CVE
added 2023/05/01 12:0 a.m.53 views

CVE-2023-27108

CVE-2023-27108 (KaiOS 3.0) concerns the pre-installed Communications app, which exposes a Web Activity that returns the user’s call log without origin or permission checks. An attacker can inject a JavaScript payload that runs in a browser or app with no user interaction or consent, enabling exfi...

5.3CVSS5.2AI score0.00567EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/01 12:0 a.m.15 views

CVE-2023-27108

An issue was discovered in KaiOS 3.0. The pre-installed Communications application exposes a Web Activity that returns the user's call log without origin or permission checks. An attacker can inject a JavaScript payload that runs in a browser or app without user interaction or consent. This allow...

5.2AI score0.00567EPSS
Exploits1References2
Rows per page
Query Builder