CVE-2020-12483
HIGHvivo appstore < 8.12.0.0 - Open Redirect via Remote App Download
Title source: llmDescription
The appstore before 8.12.0.0 exposes some of its components, and the attacker can cause remote download and install apps through carefully constructed parameters.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.vivo.com/en/support/security-advisory-detail?id=1
Scores
CVSS v3
8.2
EPSS
0.0068
EPSS Percentile
47.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
Details
CWE
CWE-601
Status
published
Products (1)
vivo/appstore
< 8.12.0.0
Published
Mar 23, 2021
Tracked Since
Feb 18, 2026