PT-2022-7126 · Samsung · Galaxy Store

Ken Gannon · Published 2022-12-05 · Updated 2023-02-17 · CVE-2023-21434

CVSS v3.1: 6.2 (Medium)
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions
Galaxy Store versions prior to 4.5.49.8

Description
The issue exists due to inadequate protection of the web page structure, which allows an attacker to execute JavaScript when a web page is loaded. It is caused by improper input validation, which enables local attackers to launch a web page and execute JavaScript.

Recommendations
For Galaxy Store versions prior to 4.5.49.8, update to version 4.5.49.8 or later to resolve the issue. As a temporary workaround, consider restricting JavaScript execution within the Galaxy Store application to minimize the risk of exploitation.

Fix

XSS

RCE

Weakness Enumeration

Related Identifiers

BDU:2023-07686
CVE-2023-21434

Affected Products

Galaxy Store