CVE-2023-47882

Name of the Vulnerable Software and Affected Versions com.yunyi.smartcamera application through 4.1.9 20231127 for Android

Description The issue allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component. This can be achieved by sending an implicit intent to the specified component, potentially allowing the execution of malicious JavaScript code.

Recommendations For versions through 4.1.9 20231127, consider disabling the com.ants360.yicamera.activity.WebViewActivity component as a temporary workaround until a patch is available. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.