CVE-2023-26324
CVE-2023-26324 affects XiaomiGetApps; the flaw is a bypass of the verification logic that allows code execution. PT-2024-12097 details exploit steps via WebView: open a URL, inject JavaScript, use vulnerable GetApps JavaScript Interface to install and launch a payload, potentially obtaining a she...