3 matches found
CVE-2023-3612 Unprotected WebView access in Govee Home App
Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...
CVE-2023-3612
The CVE-2023-3612 issue affects the Govee Home app, where unprotected access to the WebView component allows any app on the device to open WebView. A crafted URL can enable JavaScript execution in the WebView context or display phishing content to steal sensitive data. Documented impact includes ...
CVE-2023-3612 Unprotected WebView access in Govee Home App
Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content...