PT-2019-16611 · Oculus · Oculus Browser

Published

2019-04-29

Updated

2019-10-09

CVE-2019-3562

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Oculus Browser versions 5.2.7 through 5.7.11

Description A remote web page could inject arbitrary HTML code into the Oculus Browser UI, allowing an attacker to spoof UI and potentially execute code.

Recommendations For Oculus Browser versions 5.2.7 through 5.7.11, update to a version later than 5.7.11 to resolve the issue.

Fix

Special Elements Injection

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-79

Related Identifiers

CVE-2019-3562

Affected Products

Oculus Browser

PT-2019-16611 · Oculus · Oculus Browser

CVE-2019-3562

Weakness Enumeration

Related Identifiers

Affected Products

References · 3