Vulnerability: Improper Scheme Validation in Galaxy Store Allows APK Installation via InstantPlay Deeplink

CVE-2023-21514 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Improper scheme validation from InstantPlay Deeplink in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.

Learn more about our Api Penetration Testing.