CNNVD-202601-4617 Information
CNNVD ID
CNNVD-202601-4617
Related CVE
- CNNVD Published: 2026-01-27
Description (Chinese)
awesome-mobile-security是一个应用软件。努力构建一个地方所有有用的android和iOS安全相关的东西。 awesome-mobile-security 4.4.5之前版本存在跨站脚本漏洞,该漏洞源于Android清单分析中存在存储型跨站脚本,可能导致执行任意JavaScript。
Description (English)
It is an application. Try to build a place where all useful Android and iOS security-related things are built. Prior to version 4.4.5, there was a cross-site script loophole, which stemmed from the existence of a stored cross-site script in the analysis of the Android list, which could lead to the execution of any JavaScript.
Hazard Level
Medium
Vulnerability Type
跨站脚本
Affected Vendor
个人开发者
Published
2026-01-27
Last Modified
2026-02-24
References
https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/2b08dd050e7685ee2a14fdbb454affab94129eae https://github.com/MobSF/Mobile-Security-Framework-MobSF/releases/tag/v4.4.5 https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-8hf7-h89p-3pqj
Patch
https://github.com/MobSF/Mobile-Security-Framework-MobSF/releases
Share on: