Security Advisory

CVE-2023-6542

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-12 01:36:22

Last updated 2024-08-02 08:35:13

Assigner sap

State PUBLISHED

Description

Due to lack of proper authorization checks in Emarsys SDK for Android, an attacker can call a particular activity and can forward himself web pages and/or deep links without any validation directly from the host application. On successful attack, an attacker could navigate to arbitrary URL including application deep links on the device.

← Browse all CVEs View on cve.org ↗