CVE-2023-20976

Name of the Vulnerable Software and Affected Versions Android versions Android-13

Description The issue is related to improper input validation in the getConfirmationMessage function of DefaultAutofillPicker.java. This could potentially mislead the user into selecting a default autofill application, leading to a local escalation of privilege without requiring additional execution privileges. User interaction is necessary for exploitation.

Recommendations For Android version Android-13, update to a version that includes the fix for this issue, as referenced by Android ID A-216117246.