An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.
References
Link | Resource |
---|---|
https://support.apple.com/HT210744 | Vendor Advisory |
https://support.apple.com/HT210745 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apple
Published: 2019-12-18T17:33:23
Updated: 2019-12-18T17:33:23
Reserved: 2019-02-18T00:00:00
Link: CVE-2019-8792
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-12-18T18:15:41.803
Modified: 2019-12-23T15:04:26.700
Link: CVE-2019-8792
JSON object: View
Redhat Information
No data.
CWE