3 matches found
Huawei WATCH Kid 输入验证错误漏洞
Huawei WATCH Kid, a children's watch from Huawei China, is vulnerable to an input validation error in version 1.0.0.608, which can be exploited by a remote attacker on a local network to add a user as a friend without prompting in the target device. A remote attacker could use this vulnerability ...
Security update for teeworlds (moderate)
openSUSE Security Update: Security update for teeworlds Announcement ID: openSUSE-SU-2019:1999-1 Rating: moderate References: 1112910 1131729 Cross-References: CVE-2018-18541 CVE-2019-10877 CVE-2019-10878 CVE-2019-10879 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes four...
Rockstar Games: XSS STORED AT socialclub.rockstargames.com (add friend request from profile attacker)
In this report, the researcher discovered a Stored XSS vulnerability in the Add Friend functionality. It worked by filling the optional Message field with a XSS payload utilized an SVG object tag and some character escaping. When the recipient of the malicious friend request clicked or tapped the...