2 matches found
CVE-2024-35205
The WPS Office aka cn.wps.mofficeeng application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a crafted library file, aimi...
WPS Office Man-in-the-Middle Attack Vulnerability in Android Version
WPS Office is an office software suite developed independently by Kingsoft Corporation. There is a man-in-the-middle attack vulnerability in WPS Office for Android, where the software does not verify the validity of the TLS certificate when submitting a login request, which can lead to a...