Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execute arbitrary JavaScript code, and obtain sensitive information, via a crafted application that places this code into a local file associated with a file: URL. NOTE: this vulnerability exists because of a CVE-2012-4009 regression.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android Cybozu Live应用程序WebView类安全漏洞
Vulnerability Description
Cybozu Live for Android是日本才望子(Cybozu)公司的协同工作平台Cybozu Live的Android客户端。该客户端允许用户和工作组中的其他同事协同办公,可以查看更新、发表评论、发布图片等。 Android的Cybozu Live应用程序2.0.1之前的版本中的WebView类中存在漏洞。攻击者可通过放置此代码到与file: URL相关联的本地文件的特制的应用程序,利用该漏洞执行任意JavaScript代码,获得敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A