Filtered by vendor Mi Subscriptions
Filtered by product Redmi 4a Firmware Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-20523 1 Mi 37 Redmi 4a, Redmi 4a Firmware, Redmi 5 Plus and 34 more 2024-08-05 5.3 Medium
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request.