CVE-2019-8792

Summary

An injection issue was addressed with improved validation. This issue is fixed in Shazam Android App Version 9.25.0, Shazam iOS App Version 12.11.0. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.

Affected Software

VendorProductVersion RangeStatus
AppleShazam-Androidunspecified < Shazam Android App Version 9.25.0affected
AppleShazam-iOSunspecified < Shazam iOS App Version 12.11.0affected

Weaknesses

  • Processing a maliciously crafted URL may lead to arbitrary javascript code execution

ADP Enrichment

CVE Program Container

Additional References

References