Unrated severityNVD Advisory· Published May 3, 2023· Updated Jan 30, 2025
CVE-2023-1384
CVE-2023-1384
Description
The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run
This issue affects:
Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<6.2.9.5+ 1 more
- (no CPE)range: <6.2.9.5
- (no CPE)range: 6.2.9.4
- Range: <7.6.3.3
- Insignia/TV with FireOSv5Range: 7.6.3.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.