VYPR
Medium severity6.1NVD Advisory· Published Mar 18, 2020· Updated Jun 17, 2026

CVE-2019-12368

CVE-2019-12368

Description

The Edison Mail application through 1.7.1 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Edison Mail/Edison Mail applicationdescription
  • Range: <=1.7.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.