Vulnerability Details : CVE-2020-23349

An intent redirection issue was doscovered in Sina Weibo Android SDK 4.2.7 (com.sina.weibo.sdk.share.WbShareTransActivity), any unexported Activities could be started by the com.sina.weibo.sdk.share.WbShareTransActivity.

Published 2022-04-05 16:15:11

Updated 2022-07-12 17:42:04

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2020-23349

Probability of exploitation activity in the next 30 days: 0.08%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 31 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2020-23349

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N	3.9	3.6	[email protected]
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: None

References for CVE-2020-23349

https://github.com/sinaweibosdk/weibo_android_sdk/issues/406

Exploit;Issue Tracking;Third Party Advisory

Products affected by CVE-2020-23349

Weibo » Android Software Development Kit » Version: 4.2.7
cpe:2.3:a:weibo:android_software_development_kit:4.2.7:*:*:*:*:*:*:*
Matching versions