Description
An intent redirection vulnerability in the Mi Browser product. This vulnerability is caused by the Mi Browser does not verify the validity of the incoming data. Attackers can perform sensitive operations by exploiting this.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- Attack Vector
- network
- Complexity
- low
- Privileges
- none
- User Action
- none
- Scope
- unchanged
- Confidentiality
- none
- Integrity
- high
- Availability
- none
- Weaknesses
- CWE-345
Metadata
- Primary Vendor
- MI
- Published
- 4/21/2022
- Last Modified
- 11/21/2024
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
mi : mi_browser
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.