CVE-2023-21515
published 2023-05-26CVE-2023-21515: InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
InstantPlay which included vulnerable script which could execute javascript in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | galaxy_store | < 4.5.49.8 | 4.5.49.8 |
| samsung_mobile | galaxy_store | >= unspecified < 4.5.49.8 | 4.5.49.8 |