Vulnerabilities

CVE-2018-20523

by Fred · 07/06/2019

Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user’s cleartext browser history via an app.provider.query request.

Date published : 2019-06-07

http://packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.html

https://sec.xiaomi.com

Similar

Tags: Cybersecurity Alert