RSS   Vulnerabilities for 'Happypoint'   RSS

2019-08-01
 
CVE-2019-9140

CWE-94
 

 
When processing Deeplink scheme, Happypoint mobile app 6.3.19 and earlier versions doesn't check Deeplink URL correctly. This could lead to javascript code execution, url redirection, sensitive information disclosure. An attacker can exploit this issue by enticing an unsuspecting user to open a specific malicious URL.

 


Copyright 2024, cxsecurity.com

 

Back to Top