描述
A vulnerability classified as problematic was found in Foresight News App up to 2.6.4 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml of the component pro.foresightnews.appa. The manipulation leads to improper export of android application components. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI分析AI驱动
受影响产品
foresightnewsforesight_news
参考资料
- https://github.com/KMov-g/androidapps/blob/main/pro.foresightnews.app.mdExploitMitigationThird Party Advisory
- https://github.com/KMov-g/androidapps/blob/main/pro.foresightnews.app.md#steps-to-reproduceExploitMitigationThird Party Advisory
- https://vuldb.com/?ctiid.317008Permissions RequiredVDB Entry
- https://vuldb.com/?id.317008Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.615292Third Party AdvisoryVDB Entry
- https://github.com/KMov-g/androidapps/blob/main/pro.foresightnews.app.mdExploitMitigationThird Party Advisory
- https://github.com/KMov-g/androidapps/blob/main/pro.foresightnews.app.md#steps-to-reproduceExploitMitigationThird Party Advisory