Unrated severityNVD Advisory· Published Mar 18, 2020· Updated Aug 4, 2024
CVE-2019-12370
CVE-2019-12370
Description
The Spark application through 2.0.2 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Spark/Spark applicationdescription
Patches
Vulnerability mechanics
References
3- gubello.memitrex_refsource_MISC
- sparkmailapp.commitrex_refsource_MISC
- www.gubello.me/blog/javascript-injection-in-six-android-mail-clients/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.