PT-2023-30656 · Unknown · Com.Altamirano.Fabricio.Tvbrowser
Published
2023-12-27
·
Updated
2024-01-09
·
CVE-2023-47883
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
com.altamirano.fabricio.tvbrowser TV browser application versions through 4.5.1 for Android
Description
The issue allows for JavaScript code execution via an explicit intent due to an exposed MainActivity. This could potentially lead to malicious code being executed on the device.
Recommendations
For versions through 4.5.1, consider disabling the explicit intent functionality related to the exposed MainActivity as a temporary workaround until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Com.Altamirano.Fabricio.Tvbrowser