The vulnerability of the Microsoft Xamarin.Forms user interface platform, the WebView component for displaying web pages, and the Google Chrome browser is related to errors in the user interface’s information presentation. This allows attackers to perform spear-phishing attacks.

The vulnerability of the Microsoft Xamarin.Forms user interface platform, including the WebView component for displaying web pages and the Google Chrome browser, is related to errors in the user interface’s information presentation. Exploiting this vulnerability can allow a remote attacker to...

Cross-site Scripting (XSS)

Overview react-native-webview is a React Native WebView component for iOS, Android, macOS, and Windows Affected versions of this package are vulnerable to Cross-site Scripting XSS. A universal cross-site scripting UXSS vulnerability has been identified in the Android WebView system component, whi...

LY Corporation: Webview in LINE client for iOS will render application/octet-stream files as HTML

Due to misconfiguration in the webview of LINE client for iOS, the data with header "Content-type" as "application/octet-stream" was treated as HTML. This could lead to a malicious Javascript execution, resulting a Cross-site scripting attack...

CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

DEBIAN-CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

UBUNTU-CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2020-6538

CVE-2020-6538 affects Google Chrome WebView on Android (inappropriate WebView implementation) allowing cross-origin data leakage via a crafted HTML page. Connected sources indicate the issue was fixed in Chrome/Chromium releases around 84.0.4147.105; Debian’s advisory lists CVE-2020-6538 among up...

CVE-2020-6538

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2020-16873

A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to the default settings on Android WebView version prior to 83.0.4103.106. This vulnerability could allow an attacker to execute arbitrary Javascript code on a target system. For the attack to be successful, the targeted user would...

Spoofing

A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to the default settings on Android WebView version prior to 83.0.4103.106. This vulnerability could allow an attacker to execute arbitrary Javascript code on a target system. For the attack to be successful, the targeted user would...

CVE-2020-16873

The CVE-2020-16873 entry describes a spoofing vulnerability in Microsoft Xamarin.Forms tied to the Android WebView default settings before 83.0.4103.106. The issue allows an attacker to execute arbitrary Javascript if a user visits a malicious website or a site serving malicious code via Xamarin....

Xamarin.Forms Spoofing Vulnerability

A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to the default settings on Android WebView version prior to 83.0.4103.106. This vulnerability could allow an attacker to execute arbitrary Javascript code on a target system. For the attack to be successful, the targeted user would...

PT-2020-4018 · Microsoft +1 · Xamarin.Forms +1

Name of the Vulnerable Software and Affected Versions: Microsoft Xamarin.Forms versions prior to 83.0.4103.106 Description: A spoofing issue exists due to the default settings on Android WebView, allowing an attacker to execute arbitrary Javascript code on a target system. The attack requires the...

OPENSUSE-SU-2020:1181-1 Security update of chromium

Chromium was updated to 84.0.4147.105 boo1174582: CVE-2020-6537: Type Confusion in V8 CVE-2020-6538: Inappropriate implementation in WebView CVE-2020-6532: Use after free in SCTP CVE-2020-6539: Use after free in CSS CVE-2020-6540: Heap buffer overflow in Skia CVE-2020-6541: Use after free in WebU...

Google Chrome Security Update (stable-channel-update-for-desktop_27-2020-07) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

chromium-browser: Inappropriate implementation in WebView

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

OPENSUSE-SU-2020:1161-1 Security update of chromium

Chromium was updated to 84.0.4147.105 boo1174582: CVE-2020-6537: Type Confusion in V8 CVE-2020-6538: Inappropriate implementation in WebView CVE-2020-6532: Use after free in SCTP CVE-2020-6539: Use after free in CSS CVE-2020-6540: Heap buffer overflow in Skia CVE-2020-6541: Use after free in WebU...

Security update of chromium (low)

openSUSE Security Update: Security update of chromium Announcement ID: openSUSE-SU-2020:1161-1 Rating: low References: 1174582 Cross-References: CVE-2020-6532 CVE-2020-6537 CVE-2020-6538 CVE-2020-6539 CVE-2020-6540 CVE-2020-6541 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixe...