Unrated severityNVD Advisory· Published Jun 7, 2019· Updated Aug 5, 2024
CVE-2018-20523
CVE-2018-20523
Description
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Xiaomi/Stock Browserdescription
- Range: =10.2.4.g
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/163796/Xiaomi-10.2.4.g-Information-Disclosure.htmlmitrex_refsource_MISC
- sec.xiaomi.commitrex_refsource_MISC
- vishwarajbhattrai.wordpress.com/2019/03/22/content-provider-injection-in-xiaomi-stock-browsermitrex_refsource_MISC
News mentions
0No linked articles in our index yet.