Vulnerability Description
The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vladymix | Tv Browser | <= 4.5.1 |
Related Weaknesses (CWE)
References
- https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/AFC-POC.ExploitThird Party Advisory
- https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/CWE-94.mExploitThird Party Advisory
- https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/TVBrowseExploitThird Party Advisory
- https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/AFC-POC.ExploitThird Party Advisory
- https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/CWE-94.mExploitThird Party Advisory
- https://github.com/actuator/com.altamirano.fabricio.tvbrowser/blob/main/TVBrowseExploitThird Party Advisory
FAQ
What is CVE-2023-47883?
CVE-2023-47883 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The com.altamirano.fabricio.tvbrowser TV browser application through 4.5.1 for Android is vulnerable to JavaScript code execution via an explicit intent due to an exposed MainActivity.
How severe is CVE-2023-47883?
CVE-2023-47883 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-47883?
Check the references section above for vendor advisories and patch information. Affected products include: Vladymix Tv Browser.