CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
Percentile
17.0%
An issue in the export component AdSdkH5Activity of com.sdjictec.qdmetro v4.2.2 allows attackers to open a crafted URL without any filtering or checking.
Vendor | Product | Version | CPE |
---|---|---|---|
qd-metro | qingdao_metro | 4.2.2 | cpe:2.3:a:qd-metro:qingdao_metro:4.2.2:*:*:*:*:android:*:* |