Cross-site scripting (XSS) vulnerability in the email APP in Huawei PLK smartphones with software AL10C00 before AL10C00B211 and AL10C92 before AL10C92B211; ATH smartphones with software AL00C00 before AL00C00B361, CL00C92 before CL00C92B361, TL00HC01 before TL00HC01B361, and UL00C00 before UL00C00B361; CherryPlus smartphones with software TL00C00 before TL00C00B553, UL00C00 before UL00C00B553, and TL00MC01 before TL00MC01B553; and RIO smartphones with software AL00C00 before AL00C00B360 allows remote malicious users to inject arbitrary web script or HTML via an email message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
huawei ath_firmware cl00c92 |
||
huawei ath_firmware al00c00 |
||
huawei ath_firmware tl00hc01 |
||
huawei ath_firmware ul00c00 |
||
huawei ath - |
||
huawei rio_firmware al00c00 |
||
huawei plk_firmware al10c00 |
||
huawei plk_firmware al10c92 |
||
huawei cherryplus_firmware tl00c00 |
||
huawei cherryplus_firmware ul00c00 |
||
huawei cherryplus_firmware tl00mc01 |
||
huawei cherryplus - |