CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-7772

Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican framework before 1.13.0 for Android and iOS allows remote attackers to inject arbitrary web script or HTML via a crafted URL that triggers WebView anchor attachment in an applican application, a different vulnerability than CVE-2015-7771.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.7%

CVSS Severity

CVSS v2 Score 4.3

References

http://jvn.jp/en/jp/JVN64625488/995707/index.html
http://jvn.jp/en/jp/JVN64625488/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000179
http://jvn.jp/en/jp/JVN64625488/995707/index.html
http://jvn.jp/en/jp/JVN64625488/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000179

Products affected by CVE-2015-7772

Newphoria Corporation » Applican » Version: Any

cpe:2.3:a:newphoria_corporation:applican:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7772

Products

Pricing

Contact Us