EUVD-2019-2598

Malware in sbrugna...

CVE-2019-10875

A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g aka the MIUI native browser and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown to the user...

Xiaomi Mi browser and Xiaomi Mint Browser input validation error vulnerability

Xiaomi Mi browser and Xiaomi Mint Browser are both lightweight web browsers from the Chinese company Xiaomi Technology Xiaomi. An input validation error vulnerability exists in Xiaomi Mi browser and Xiaomi Mint Browser, which arises from a network system or product that does not properly validate...

Change This Browser Setting to Stop Xiaomi from Spying On Your Incognito Activities

If you own a Xiaomi smartphone or have installed the Mi browser app on any of your other brand Android device, you should enable a newly introduced privacy setting immediately to prevent the company from spying on your online activities. The smartphone maker has begun rolling out an update to its...

Xiaomi Mi Browser / Mint Browser URL Spoofing

Exploit Title: URL Spoofing Exploit for Xiaomi Mi Browser v10.5.6-g and Mint Browser v1.5.3 Date : 11/04/2019 Exploit Author: Arif Khan @payloadartist Vendor Homepage: www.xiaomi.com Version : v10.5.6-g and v1.5.3 Tested On : MIUI OS, v10.1.3.0 CVE : CVE-2019-10875 Exploit:...

CVE-2019-10875

A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g aka the MIUI native browser and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown to the user...

Spoofing

A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g aka the MIUI native browser and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown to the user...

CVE-2019-10875

A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g aka the MIUI native browser and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown to the user...

CVE-2019-10875

CVE-2019-10875 is a URL-spoofing vulnerability in Xiaomi Mi Browser (international) 10.5.6-g and Mint Browser 1.5.3 caused by how the q parameter is handled: the portion of the https URL before ?q= is not displayed, enabling spoofing of the address bar. Several public sources document a PoC and p...

CVE-2019-10875

A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g aka the MIUI native browser and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown to the user...

Unpatched Flaw in Xiaomi's Built-in Browser App Lets Hackers Spoof URLs

EXCLUSIVE — Beware, if you are using a Xiaomi's Mi or Redmi smartphone, you should immediately update its built-in MI browser or the Mint browser available on Google Play Store for non-Xiaomi Android devices. That's because both web browser apps created by Xiaomi are vulnerable to a critical...