6 matches found
EUVD-2023-30137
Malicious code in bioql PyPI...
Xiaomi cloud service Application cross-site scripting vulnerability
Xiaomi cloud service Application is a cloud service APP from Xiaomi, a Chinese company. A cross-site scripting vulnerability exists in Xiaomi cloud service Application, which stems from a whitelist checking feature that allows loading of the javascript protocol, which can be exploited by an...
CVE-2023-26316
A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by attackers to steal Xiaomi cloud service account's cookies...
CVE-2023-26316
A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by attackers to steal Xiaomi cloud service account's cookies...
CVE-2023-26316
A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by attackers to steal Xiaomi cloud service account's cookies...
PT-2023-20607 · Xiaomi · Xiaomi Cloud Service Application
Name of the Vulnerable Software and Affected Versions: Xiaomi cloud service Application product affected versions not specified Description: A XSS issue exists in the Xiaomi cloud service Application product. The issue is caused by Webview's whitelist checking function allowing the javascript...