2 matches found
CVE-2019-12366
The Nine application through 4.5.3a for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READEXTERNALSTORAGE permission...
CVE-2019-12366
The vulnerability CVE-2019-12366 affects the Nine Android app up to version 4.5.3a. The issue is an XSS via an event attribute and an arbitrary file loading via a src attribute when the app has READ_EXTERNAL_STORAGE permission. The Red Hat advisory reiterates this description. No concrete exploit...