2 matches found
CVE-2023-4876 Exposure of Sensitive Information to an Unauthorized Actor in hamza417/inure
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure prior to build92...
CVE-2023-4876
CVE-2023-4876 affects hamza417/inure (prior to build92). The root cause is improper validation of incoming intent.data in TTFViewerActivity, allowing content:// data to be opened via the app’s file provider and leading to exposure of sensitive files stored in external storage (e.g., Preferences.x...