CVE-2017-8153

Name of the Vulnerable Software and Affected Versions Huawei VMall (for Android) versions prior to 1.5.8.5

Description The issue is due to improper design, allowing an attacker to trick users into installing a malicious app. This app can send HTTP requests and execute JavaScript code in web pages without obtaining the Internet access permission, potentially leading to resource occupation or information leak.

Recommendations For versions prior to 1.5.8.5, update to version 1.5.8.5 or later to resolve the issue.