3 matches found
CVE-2023-42471
The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web conte...
CVE-2023-42471
The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web conte...
CVE-2023-42471
CVE-2023-42471 affects the wave.ai.browser Android app up to version 1.0.35. The root cause is a WebView-based SplashScreen activity (wave.ai.browser.ui.splash.SplashScreen) exported via the manifest, which does not adequately validate or sanitize the URI or extra data passed in an incoming craft...