CVE-2020-9092
Description
HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a JavaScript injection vulnerability. A module does not verify a specific input. This could allow attackers to bypass filter mechanism to launch JavaScript injection. This could compromise normal service of the affected module.
Risk Information
Base Score
4.6
MODERATE
Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.06
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability (CVE-2020-9092) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234