CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-21434

Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.105

EPSS Ranking 92.9%

CVSS Severity

CVSS v3 Score 6.2

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=01
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=01

Products affected by CVE-2023-21434

Samsung » Galaxy Store » Version: N/A

cpe:2.3:a:samsung:galaxy_store:-
Samsung » Galaxy Store » Version: 4.5.32.4

cpe:2.3:a:samsung:galaxy_store:4.5.32.4
Samsung » Galaxy Store » Version: 4.5.36.4

cpe:2.3:a:samsung:galaxy_store:4.5.36.4
Samsung » Galaxy Store » Version: 4.5.41.8

cpe:2.3:a:samsung:galaxy_store:4.5.41.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-21434

Products

Pricing

Contact Us