Vulnerabilities > Samsung > Galaxy Store > 4.5.41.8

DATE CVE VULNERABILITY TITLE RISK
2023-05-26 CVE-2023-21516 Cross-site Scripting vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8
XSS vulnerability from InstantPlay in Galaxy Store prior to version 4.5.49.8 allows attackers to execute javascript API to install APK from Galaxy Store.
network
low complexity
samsung CWE-79
critical
 9.6
9.6
2023-02-09 CVE-2023-21433 Incorrect Default Permissions vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8
Improper access control vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to install applications from Galaxy Store.
local
low complexity
samsung CWE-276
7.8
7.8
2023-02-09 CVE-2023-21434 Cross-site Scripting vulnerability in Samsung Galaxy Store 4.5.32.4/4.5.36.4/4.5.41.8
Improper input validation vulnerability in Galaxy Store prior to version 4.5.49.8 allows local attackers to execute JavaScript by launching a web page.
network
low complexity
samsung CWE-79
6.1
6.1