Privilege Escalation in Galaxy Store: Improper Sanitization of Incoming Intent

Privilege Escalation in Galaxy Store: Improper Sanitization of Incoming Intent

CVE-2022-28542 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local attackers to access privileged content providers as Galaxy Store permission.

Learn more about our Web Application Penetration Testing UK.