CVE-2023-42581
published 2023-12-05CVE-2023-42581: Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | galaxy_store | < 4.5.64.4 | 4.5.64.4 |