4 matches found
CVE-2023-1384
The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3...
Code injection
The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3...
CVE-2023-1384
The CVE-2023-1384 issue affects Amazon Fire TV Stick 3rd-gen devices (pre-6.2.9.5) and Insignia FireOS TVs (pre-7.6.3.3). The root cause is improper sanitization of the source parameter in the setMediaSource function of the amzn.thin.pl service, which can allow arbitrary JavaScript execution. Rem...
CVE-2023-1384
The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3...