1 results (0.005 seconds)
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2021-40180
https://notcve.org/view.php?id=CVE-2021-40180
In the WeChat application 8.0.10 for Android and iOS, a mini program can obtain sensitive information from a user's address book via wx.searchContacts. En la aplicación WeChat versión 8.0.10 para Android e iOS, un mini programa puede obtener información confidencial de la libreta de direcciones de un usuario por medio de wx.searchContacts • https://arxiv.org/pdf/2205.15202.pdf https://github.com/BESTICSP/Vulnerabilities-Related-to-Mini-Programs-Permissions/blob/main/WX%20applet%20contact%20permission%20vulnerability%20report.pdf https://pan.baidu.com/s/116sAQvs1CEzCeIfpI1NZvA https://pan.baidu.com/s/1RqMrZBruZZ4OHdnXUN5xDw • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •