Unrated severityNVD Advisory· Published Sep 11, 2020· Updated Aug 4, 2024
Xamarin.Forms Spoofing Vulnerability
CVE-2020-16873
Description
A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to the default settings on Android WebView version prior to 83.0.4103.106. This vulnerability could allow an attacker to execute arbitrary Javascript code on a target system. For the attack to be successful, the targeted user would need to browse to a malicious website or a website serving the malicious code through Xamarin.Forms. The security update addresses this vulnerability by preventing the malicious Javascript from running in the WebView.
Affected products
2cpe:2.3:a:microsoft:xamarin.forms:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:xamarin.forms:-:*:*:*:*:*:*:*range: 83.0.0
- (no CPE)
Patches
Vulnerability mechanics
References
1- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16873mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.