CVE-2014-6041

CVE-2014-6041 is a UXSS/SOP bypass in Android’s stock browser (AOSP) prior to 4.4 and in WebView, enabling cross-site script execution via crafted input containing a null character. Affected: Android stock browser before 4.4 and apps using WebView. Impact: partial confidentiality and integrity th...