CVE-2019-12369
CVE-2019-12369 affects the TypeApp Android app (version 1.9.5.35) and allows cross-site scripting via an event attribute and arbitrary file loading via a src attribute when READ_EXTERNAL_STORAGE permission is granted. The root cause is associated with the app handling untrusted data in UI attribu...