Information Disclosure

chromium is vulnerable to information disclosure. Inappropriate implementation in WebView allows a remote attacker to leak cross-origin data via a malicious HTML page...

CVE-2020-35554

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. There is a WebView SSL error-handler vulnerability. The LG ID is LVE-SMP-200026 December 2020...

CVE-2020-35554

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. There is a WebView SSL error-handler vulnerability. The LG ID is LVE-SMP-200026 December 2020...

CVE-2020-35554

CVE-2020-35554 affects LG mobile devices running Android 8.x–10 with a WebView SSL error-handler vulnerability. The issue is described as an SSL handling weakness in WebView, linked to LG’s internal identifier LVE-SMP-200026 (December 2020). Connected sources corroborate the vulnerability across ...

CVE-2020-35554

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. There is a WebView SSL error-handler vulnerability. The LG ID is LVE-SMP-200026 December 2020...

LG mobile security breach

LG mobile is a mobile device from LG Corporation A security vulnerability exists in LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software that originates from a WebView SSL error handling...

Logic Flaw Vulnerability in WebView JsBridge

WebView is the term that refers to the web page view. It can be embedded in the mobile terminal to realize the front-end of the hybrid development, most of the hybrid development framework is based on the WebView mode for secondary development. WebView JsBridge has a logic flaw vulnerability that...

Microsoft Xamarin.Forms Spoofing Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. A spoofing vulnerability exists in Microsoft Xamarin.Forms. The vulnerability stems from a default setting in Android WebView versions prior to 83.0.4103.106. An attacker can exploit the vulnerability t...

GitHub Security Lab: Java: CWE-749 Unsafe resource loading in Android WebView leaking to injection attacks

This bug was reported directly to GitHub Security Lab...

Cross-site Scripting (XSS)

react-native-webview is vulnerable to cross-site scripting XSS. The vulnerability exists through the lack of policy enforcement that allows cross-origin iframes to execute arbitrary JavaScript in the top-level document. The vulnerability exists on all applications running on systems with an Andro...

GHSA-36J3-XXF7-4PQG Android WebView Universal Cross-site Scripting

A universal cross-site scripting UXSS vulnerability, CVE-2020-6506 https://crbug.com/1083819, has been identified in the Android WebView system component, which allows cross-origin iframes to execute arbitrary JavaScript in the top-level document. This vulnerability affects React Native apps whic...

Android WebView Universal Cross-site Scripting

A universal cross-site scripting UXSS vulnerability, CVE-2020-6506 https://crbug.com/1083819, has been identified in the Android WebView system component, which allows cross-origin iframes to execute arbitrary JavaScript in the top-level document. This vulnerability affects React Native apps whic...

Universal XSS in Android WebView

Overview A universal cross-site scripting UXSS vulnerability, CVE-2020-6506 https://crbug.com/1083819, has been identified in the Android WebView system component, which allows cross-origin iframes to execute arbitrary JavaScript in the top-level document. This vulnerability affects React Native...

The vulnerability of the Microsoft Xamarin.Forms user interface platform, the WebView component for displaying web pages, and the Google Chrome browser is related to errors in the user interface’s information presentation. This allows attackers to perform spear-phishing attacks.

The vulnerability of the Microsoft Xamarin.Forms user interface platform, including the WebView component for displaying web pages and the Google Chrome browser, is related to errors in the user interface’s information presentation. Exploiting this vulnerability can allow a remote attacker to...

Cross-site Scripting (XSS)

Overview react-native-webview is a React Native WebView component for iOS, Android, macOS, and Windows Affected versions of this package are vulnerable to Cross-site Scripting XSS. A universal cross-site scripting UXSS vulnerability has been identified in the Android WebView system component, whi...

LY Corporation: Webview in LINE client for iOS will render application/octet-stream files as HTML

Due to misconfiguration in the webview of LINE client for iOS, the data with header "Content-type" as "application/octet-stream" was treated as HTML. This could lead to a malicious Javascript execution, resulting a Cross-site scripting attack...

DEBIAN-CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

UBUNTU-CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...