2 matches found
CVE-2019-13321
This vulnerability allows network adjacent attackers to execute arbitrary code on affected installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must connect to a malicious access point. The specific flaw exists within the...
CVE-2019-13321
CVE-2019-13321 affects Xiaomi Browser prior to 10.4.0. The flaw is in the Captive Portal handling of HTTP responses; a crafted HTML response can cause the Captive Portal to open a browser to a specified location, enabling code execution in the context of the current process when combined with oth...