Arbitrary Website Access and Phishing Vulnerability in CREATE SD Official App for Android (Versions 1.0.2 and Earlier)

Arbitrary Website Access and Phishing Vulnerability in CREATE SD Official App for Android (Versions 1.0.2 and Earlier)

CVE-2019-5955 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

CREATE SD official App for Android version 1.0.2 and earlier allows remote attackers to bypass access restriction to lead a user to access an arbitrary website via vulnerable application and conduct phishing attacks.

Learn more about our Cis Benchmark Audit For Google Android.