Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code (that accesses a user's data) via cross-origin requests.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Readdle Documents app 安全漏洞
Vulnerability Description
Readdle Documents app是乌克兰Readdle公司的一款文件管理器。该产品支持查看EPUB电子书、查看Word和Excel文档等。 基于iOS系统的Readdle Documents app 6.9.7之前版本中存在安全漏洞,该漏洞源于文件传输Web服务器允许来自任何域的跨域请求,并且WebSocket服务器缺乏授权控制。攻击者可借助跨源请求利用该漏洞执行JavaScript代码(访问用户数据)。
CVSS Information
N/A
Vulnerability Type
N/A