In the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination. This could lead to incorrect security decisions with no additional execution privileges needed. User interaction is not needed for exploitation.

Security Joes Blog


Security Joes is a multi-layered Incident Response company that specializes in IR, MDR & Red Teaming. The company was established by security researchers to first and foremost generate resilience against highly complex cyberwarfare incidents, extract vital evidence and attribute TTPs to threat actors and state-sponsored hacking groups. Based out of Israel, the company is constructed from a best-of-breed agnostic team of threat hunters, responders & security researchers, hand-picked from all over the world, to provide 24x7x365 “follow-the-sun” coverage.

Listed: