Arbitrary HTML Injection Vulnerability in Oculus Browser (Versions 5.2.7 - 5.7.11)

Arbitrary HTML Injection Vulnerability in Oculus Browser (Versions 5.2.7 - 5.7.11)

CVE-2019-3562 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

A remote web page could inject arbitrary HTML code into the Oculus Browser UI, allowing an attacker to spoof UI and potentially execute code. This affects the Oculus Browser starting from version 5.2.7 until 5.7.11.

Learn more about our Web App Pen Testing.