CVE-2019-12370
The provided connected records confirm that CVE-2019-12370 affects the Spark Android app up to version 2.0.2, enabling XSS via an event attribute and arbitrary file loading through a src attribute when READ_EXTERNAL_STORAGE permission is granted. The root cause and exact vulnerable component are ...