2 matches found
CVE-2018-7931
The CVE-2018-7931 case concerns Huawei AppGallery/AppMarket whitelist bypass on versions prior to 8.0.4.301. The root cause is in the handling of whitelisted domains, where content was not verified secure-channel-wise, allowing an attacker in a malicious network environment to lure a user to a ma...
CVE-2018-7932
CVE-2018-7932 affects Huawei AppGallery (pre-8.0.4.301). The issue allows loading and executing arbitrary JavaScript in a user’s device by bypassing the app’s whitelist mechanism, via a crafted page in a malicious network environment. Related sources describe a more specific flaw in the Huawei Ap...