← Back

Xiaomi Cloud

xiaomi_cloud

Vendor: Mi • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-26316
1Mi
1Xiaomi Cloud
Nov 21, 2024
Aug 2, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by attackers...Show more
A XSS vulnerability exists in the Xiaomi cloud service Application product. The vulnerability is caused by Webview's whitelist checking function allowing javascript protocol to be loaded and can be exploited by attackers to steal Xiaomi cloud service account's cookies.Show less