CVE-2021-25520

Summary

Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Internet- < 16.0.2affected

Weaknesses

  • CWE-20: CWE-20: Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References