CVE-2024-23729

The ColorOS Internet Browser com.heytap.browser application 45.10.3.4.1 for Android allows a remote attacker to execute arbitrary JavaScript code via the com.android.browser.RealBrowserActivity component.
Configurations

Configuration 1 (hide)

cpe:2.3:a:heytap:internet_browser:45.10.3.4.1:*:*:*:*:android:*:*

History

20 Aug 2024, 21:35

Type Values Removed Values Added
Summary
  • (es) La aplicación ColorOS Internet Browser com.heytap.browser versión 45.10.3.4.1 para Android permite a un atacante remoto ejecutar código JavaScript de su elección a través del componente com.android.browser.RealBrowserActivity.
References () https://github.com/actuator/com.heytap.browser - () https://github.com/actuator/com.heytap.browser - Exploit, Vendor Advisory
References () https://play.google.com/store/apps/details?id=com.heytap.browser - () https://play.google.com/store/apps/details?id=com.heytap.browser - Product
First Time Heytap internet Browser
Heytap
CWE CWE-79
CPE cpe:2.3:a:heytap:internet_browser:45.10.3.4.1:*:*:*:*:android:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1

19 Aug 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-19 19:15

Updated : 2024-08-20 21:35


NVD link : CVE-2024-23729

Mitre link : CVE-2024-23729

CVE.ORG link : CVE-2024-23729


JSON object : View

Products Affected

heytap

  • internet_browser
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')