2 matches found
(Pwn2Own) Samsung Galaxy S25 Samsung Account Cross-Site Scripting Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary script on affected installations of Samsung Galaxy S25. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Samsung Account application. The issue results from the lack of proper validati...
CVE-2023-21481
The CVE-2023-21481 entry concerns Samsung Account before version 14.1.0.0, where improper URL input validation could allow remote attackers to obtain sensitive information. Affected software: Samsung Account application (pre-14.1.0.0). Root cause: improper URL input validation. Impact: confidenti...