Description
The GREE+ (aka com.gree.greeplus) application 1.4.0.8 for Android suffers from Cross Site Request Forgery.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
https://medium.com/%40beefaaubee/dissecting-into-gree-android-application-43892d54b006
Product, Third Party Advisory x_refsource_misc
https://play.google.com/store/apps/details?id=com.gree.greeplus
Scores
CVSS v3
8.8
EPSS
0.0065
EPSS Percentile
46.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-352
Status
published
Products (1)
gree/gree\+
1.4.0.8
Published
Oct 11, 2019
Tracked Since
Feb 18, 2026