| |
Vulnerability CVE-2023-3612
Published: 2023-09-11
| Description: |
Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content. |
References: |
https://www.sk-cert.sk/sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
