The TripAdvisor app with the versions before TAMobileApp-24.6.4 pre-installed in some Huawei mobile phones have an arbitrary URL loading vulnerability due to insufficient input validation and improper configuration. An attacker may exploit this vulnerability to invoke TripAdvisor to load a specific URL and execute malicious code contained in the URL.
References
Link | Resource |
---|---|
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180130-01-tripadvisor-en | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: huawei
Published: 2018-03-09T17:00:00
Updated: 2018-03-09T16:57:01
Reserved: 2017-12-04T00:00:00
Link: CVE-2017-17226
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-03-09T17:29:01.453
Modified: 2018-03-30T19:10:06.773
Link: CVE-2017-17226
JSON object: View
Redhat Information
No data.
CWE