actuator/com.solarized.firedown

Releases0

Stars1

CVE-2024-31974

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-31974 ↗	May 17, 2024Friday, 17 May 2024, 16:15	6.3 MEDIUM	—
The com.solarized.firedown (aka Solarized FireDown Browser & Downloader) application 1.0.76 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. com.solarized.firedown.IntentActivity uses a WebView component to display web content and doesn't adequately sanitize the URI or any extra data passed in the intent by any installed application (with no permissions).