5 matches found
CVE-2023-40079
In injectSendIntentSender of ShortcutService.java, there is a possible background activity launch due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
SUSE CVE-2021-43544
When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. This bug only affects Firefox for Android. Other operating systems are...
Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2022-36976)
Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox has a cross-site scripting vulnerability that stems from the fact that Firefox searches for text when a URL is received via the SEND intent, but subsequent use of the address bar can cause the URL to load...
CVE-2021-43544
When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. This bug only affects Firefox for Android. Other operating systems are...
Mozilla Firefox 跨站脚本漏洞
Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox has a cross-site scripting vulnerability that stems from the fact that Firefox searches for text when a URL is received via the SEND intent, but subsequent use of the address bar can cause the URL to load...