MEDIUM🇵🇱 Wersja polska

CVE-2020-9092

CVSS 4.6v3.1pub. 2020-10-19upd. 2024-11-21

HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a JavaScript injection vulnerability. A module does not verify a specific input. This could allow attackers to bypass filter mechanism to launch JavaScript injection. This could compromise normal service of the affected module.

CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  • Huawei Mate 20

    HW
    Huawei
    wszystkie wersje
  • Huawei Mate 20 Firmware

    OS
    Huawei
    < 10.1.0.163\(c00e160r3p8\)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2020-9247HIGH7.8ten sam produkt

There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate...

CVE-2020-9113HIGH8.0ten sam produkt

HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Blueto...

CVE-2020-0022HIGH8.8ten sam produkt

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect ...

CVE-2019-5225HIGH7.8ten sam produkt

P30, Mate 20, P30 Pro smartphones with software of versions earlier than ELLE-AL00B 9.1.0.193(C00E190R1P21), v...

CVE-2021-22440MEDIUM4.6ten sam produkt

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to that the software...