MCSLaunch Deeplink URL Validation Vulnerability in Galaxy Store

MCSLaunch Deeplink URL Validation Vulnerability in Galaxy Store

CVE-2023-42580 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to install APK from Galaxy Store.

Learn more about our Api Penetration Testing.