PT-2019-19219 · Shazam · Shazam Android App+1
Ashley King
·
Published
2019-12-18
·
Updated
2024-03-15
·
CVE-2019-8791
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Shazam Android App versions prior to 9.25.0
Shazam iOS App versions prior to 12.11.0
Description
An issue existed in the parsing of URL schemes, which was addressed with improved URL validation. Processing a maliciously crafted URL may lead to an open redirect.
Recommendations
For Shazam Android App versions prior to 9.25.0, update to version 9.25.0 to resolve the issue.
For Shazam iOS App versions prior to 12.11.0, update to version 12.11.0 to resolve the issue.
Fix
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Shazam Android App
Shazam Ios App