CVE-2016-4575
CVE-2016-4575 is a cross-site scripting (XSS) vulnerability in the Email application across Huawei PLK, ATH, CherryPlus, and RIO smartphone families. The root cause is insufficient output encoding in the affected Email app, allowing remote attackers to inject arbitrary JavaScript/HTML via an emai...