Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv3

CVE-2019-10875

Published: 05/04/2019 Updated: 22/04/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Mi

Vulnerability Summary

A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g (aka the MIUI native browser) and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown to the user.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mi mi browser 10.5.6-g

mi mint browser 1.5.3

Exploits

Exploit DB: Xiaomi Mi Browser / Mint Browser URL Spoofing
Xiaomi Mi Browser version 1056-g and Mint Browser version 153 suffer from a URL spoofing vulnerability ...

References

CWE-290https://www.andmp.com/2019/04/xiaomi-url-spoofing-w-ssl-vulnerability.htmlhttps://thehackernews.com/2019/04/xiaomi-browser-vulnerability.htmlhttps://sec.xiaomi.com/bug/5bedef67a31ec71ehttp://packetstormsecurity.com/files/152497/Xiaomi-Mi-Browser-Mint-Browser-URL-Spoofing.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/152497/Xiaomi-Mi-Browser-Mint-Browser-URL-Spoofing.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injectionCVE-2024-35894SQLCVE-2024-5105CVE-2014-100005CVE-2024-35895unauthorizedCVE-2024-22120CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook