Vulnerabilities > Lenovo > Shareit > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-23 | CVE-2016-4783 | Cross-site Scripting vulnerability in Lenovo Shareit 3.5.98Ww Cross-site scripting (XSS) vulnerability in Lenovo SHAREit before 3.5.98_ww on Android before 4.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." | 6.1 |
| 2016-01-26 | CVE-2016-1492 | Improper Access Control vulnerability in Lenovo Shareit 3.0.18Ww The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files, does not require a password, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area. | 6.1 |
| 2016-01-26 | CVE-2016-1490 | Information Exposure vulnerability in Lenovo Shareit 2.5.1.1 The Wifi hotspot in Lenovo SHAREit before 3.2.0 for Windows allows remote attackers to obtain sensitive file names via a crafted file request to /list. | 4.1 |