RSS   Vulnerabilities for 'NINE'   RSS

2020-03-18
 
CVE-2019-12366

CWE-79
 
 
The Nine application through 4.5.3a for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission.

 
2018-05-16
 
CVE-2017-17689

CWE-noinfo
 
 
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.

 

Copyright 2024, cxsecurity.com

 

Back to Top