Forums
- Recent Posts
- Forum Rules
Downloads
- Most Active Uploaders
- Latest Reviews
Wiki

Your name or email address:

Password:: Forgot your password?

Stay logged in

: Log in with Facebook
: Log in with Twitter
: Log in with Google

Menu
Forums
Forums

Quick Links
- Recent Posts
- Forum Rules
Downloads
Downloads

Quick Links
- Most Active Uploaders
- Latest Reviews
Wiki
Wiki

Quick Links
Menu

Log In
Sign up

Xiaopan Forums

> Support > News Aggregator >

Samsung SecEmailUI Script Injection

Discussion in 'News Aggregator' started by Packet Storm, 8 Feb 2016.

Packet Storm Guest

The default Samsung email client's email viewer and composer (implemented in SecEmailUI.apk) doesn't sanitize HTML email content for scripts before rendering the data inside a WebView. This allows an attacker to execute arbitrary JavaScript when a user views a HTML email which contains HTML script tags or other events.

Continue reading...

#1 Packet Storm, 8 Feb 2016

(You must log in or sign up to post here.)

Show Ignored Content

Share This Page

Tweet

Loading...

Log in with Facebook
Log in with Twitter
Log in with Google

Your name or email address:

Do you already have an account?

No, create an account now.
Yes, my password is:
Forgot your password?

: Stay logged in

Xiaopan Forums

> Support > News Aggregator >

Toggle Width

Home
Help
Terms and Rules
Privacy Policy
Top

About Us

We are a community mixed with professionals and beginners with an interest in wireless security, auditing and pentesting. Feel free to check out and upload resources.

You can also find us on: Twitter and Facebook

Theme designed by ThemeHouse.

Xiaopan Forums

> Support > News Aggregator >