Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html | Exploit Third Party Advisory VDB Entry |
https://github.com/zadewg/RIUS | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Mar 2022, 16:52
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html - Exploit, Third Party Advisory, VDB Entry | |
References | (MISC) https://github.com/zadewg/RIUS - Exploit, Third Party Advisory | |
CWE | NVD-CWE-Other | |
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.5 |
CPE | cpe:2.3:a:facebook:instagram:*:*:*:*:*:android:*:* cpe:2.3:a:facebook:instagram:*:*:*:*:*:iphone_os:*:* |
25 Mar 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Mar 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-23 22:15
Updated : 2024-02-04 22:29
NVD link : CVE-2020-20094
Mitre link : CVE-2020-20094
CVE.ORG link : CVE-2020-20094
JSON object : View
Products Affected
CWE