Medium severity5.3NVD Advisory· Published May 18, 2020· Updated Jun 17, 2026
CVE-2019-20801
CVE-2019-20801
Description
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code (that accesses a user's data) via cross-origin requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Readdle/Documents appdescription
Patches
Vulnerability mechanics
References
2- logicaltrust.net/blog/2019/12/documents.htmlnvdExploitThird Party Advisory
- apps.apple.com/us/app/documents-by-readdle/id364901807nvdProductRelease Notes
News mentions
0No linked articles in our index yet.