CVE-2019-8792

State: PUBLISHED · Published: 2019-12-18 · Updated: 2024-08-04 · Assigner: apple

Description

An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.

CWE

(none)

Affected

Apple / Shazam-Android — v=unspecified <Shazam Android App Version 9.25.0 [affected]
Apple / Shazam-iOS — v=unspecified <Shazam iOS App Version 12.11.0 [affected]

CVSS

(none)

References

https://support.apple.com/HT210744 x_refsource_MISC
https://support.apple.com/HT210745 x_refsource_MISC

Source

cvelistV5-main/cves/2019/8xxx/CVE-2019-8792.json