CVE-2023-49000

An issue in ArtistScope ArtisBrowser v.34.1.5 and before allows an attacker to bypass intended access restrictions via interaction with the com.artis.browser.IntentReceiverActivity component. NOTE: this is disputed by the vendor, who indicates that ArtisBrowser 34 does not support CSS3.
Configurations

Configuration 1 (hide)

cpe:2.3:a:artistscope:artisbrowser:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:32

Type Values Removed Values Added
References () https://github.com/actuator/com.artis.browser/blob/main/CWE-94.md - Broken Link () https://github.com/actuator/com.artis.browser/blob/main/CWE-94.md - Broken Link
References () https://github.com/actuator/cve/blob/main/CVE-2023-49000 - Third Party Advisory () https://github.com/actuator/cve/blob/main/CVE-2023-49000 - Third Party Advisory

20 Sep 2024, 13:15

Type Values Removed Values Added
References
  • () https://github.com/advisories/GHSA-866h-q63m-66xm -
Summary (en) An issue in ArtistScope ArtisBrowser v.34.1.5 and before allows an attacker to bypass intended access restrictions via interaction with the com.artis.browser.IntentReceiverActivity component. (en) An issue in ArtistScope ArtisBrowser v.34.1.5 and before allows an attacker to bypass intended access restrictions via interaction with the com.artis.browser.IntentReceiverActivity component. NOTE: this is disputed by the vendor, who indicates that ArtisBrowser 34 does not support CSS3.

04 Jan 2024, 18:45

Type Values Removed Values Added
References () https://github.com/actuator/com.artis.browser/blob/main/CWE-94.md - () https://github.com/actuator/com.artis.browser/blob/main/CWE-94.md - Broken Link
References () https://github.com/actuator/cve/blob/main/CVE-2023-49000 - () https://github.com/actuator/cve/blob/main/CVE-2023-49000 - Third Party Advisory
CWE CWE-94
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CPE cpe:2.3:a:artistscope:artisbrowser:*:*:*:*:*:*:*:*

28 Dec 2023, 15:09

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-27 22:15

Updated : 2024-11-21 08:32


NVD link : CVE-2023-49000

Mitre link : CVE-2023-49000

CVE.ORG link : CVE-2023-49000


JSON object : View

Products Affected

artistscope

  • artisbrowser
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')