CVE-2018-18334
HIGHTrend Micro Dr. Safety < 3.0.1478 - Exposure of Sensitive Information via Same Origin Policy Bypass
Title source: llmDescription
A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy (SOP) and obtain sensitive information via crafted JavaScript code on vulnerable installations.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1121933.aspx
Scores
CVSS v3
7.5
EPSS
0.0034
EPSS Percentile
56.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (1)
trendmicro/dr._safety
< 3.0.1478
Published
Feb 05, 2019
Tracked Since
Feb 18, 2026