Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the email APP in Huawei PLK smartphones with software AL10C00 before AL10C00B211 and AL10C92 before AL10C92B211; ATH smartphones with software AL00C00 before AL00C00B361, CL00C92 before CL00C92B361, TL00HC01 before TL00HC01B361, and UL00C00 before UL00C00B361; CherryPlus smartphones with software TL00C00 before TL00C00B553, UL00C00 before UL00C00B553, and TL00MC01 before TL00MC01B553; and RIO smartphones with software AL00C00 before AL00C00B360 allows remote attackers to inject arbitrary web script or HTML via an email message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Huawei产品跨站脚本漏洞
Vulnerability Description
Huawei PLK PLK-AL10C00B211等都是中国华为(Huawei)公司的智能手机产品。 多款Huawei产品的Email应用中存在跨站脚本漏洞,该漏洞源于程序缺少对部分特定字符的输出编码。远程攻击者可借助邮件消息利用该漏洞注入任意Web脚本或HTML。以下产品及版本受到影响:Huawei PLK PLK-AL10C00B211之前版本,PLK-AL10C92B211之前版本,ATH ATH-AL00C00B361之前版本,ATH-CL00C92B361之前版本,ATH-TL00HC01B3
CVSS Information
N/A
Vulnerability Type
N/A