SpayNotification Pending Intent Hijacking Vulnerability
CVE-2022-36872 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Pending Intent hijacking vulnerability in SpayNotification in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent.
Learn more about our Web Application Penetration Testing UK.