10 matches found
CVE-2026-24490
MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The...
CVE-2026-24490 MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field
MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The...
CVE-2026-24490 MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field
MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The...
EUVD-2026-4834
MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The...
CVE-2026-24490
MobSF (Mobile Security Framework)
CVE-2026-24490 MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field
MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The...
GHSA-8HF7-H89P-3PQJ MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field
Summary A Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The android:host attribute from elements is rendered in HTML reports without...
MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field
Summary A Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The android:host attribute from elements is rendered in HTML reports without...
Tarnish - A Chrome Extension Static Analysis Tool To Help Aide In Security Reviews
tarnish is a static-analysis tool to aid researchers in security reviews of Chrome extensions. It automates much of the regular grunt work and helps you quickly identify potential security vulnerabilities. This tool accompanies the research blog post which can be found here. If you don't want to ...
Advance Android Malware Analysis Framework: Droidefense
Droidefense originally named atom: analysis through observation machine is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on they every day work. For those situations on where the malware has...