PT-2025-8972 · Tu Yafeng · Via Browser
Finn Westendorf
·
Published
2025-02-27
·
Updated
2025-02-28
·
CVE-2024-9285
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Tu Yafeng Via Browser versions up to 5.9.0
Description
A issue was found in the Javascript Bridge component, which can lead to cross site scripting when manipulated. This can be initiated remotely.
Recommendations
For versions up to 5.9.0, apply a patch to fix this issue.
Exploit
Fix
XSS
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Via Browser