CVE-2024-31974
May 17, 2024, 6:35 p.m.
Tags
Product(s) Impacted
Solarized FireDown Browser & Downloader
- 1.0.76
Solarized FireDown Browser & Downloader for Android
- 1.0.76
Description
The com.solarized.firedown (aka Solarized FireDown Browser & Downloader) application 1.0.76 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web content and doesn't adequately sanitize the URI or any extra data passed in the intent by any installed application (with no permissions).
Weaknesses
Date
Published: May 17, 2024, 4:15 p.m.
Last Modified: May 17, 2024, 6:35 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org