cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2014-6041,https://securityvulnerability.io/vulnerability/CVE-2014-6041,,"The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick=""window.open('\u0000javascript: sequence to the Android Browser application 4.2.1 or a third-party web browser.",Google,Android Browser,,,0.908270001411438,false,false,false,false,,false,false,2014-09-02T10:00:00.000Z,0
CVE-2008-7298,https://securityvulnerability.io/vulnerability/CVE-2008-7298,,"The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a ""cookie forcing"" issue.",Google,"Android,Android Browser",,,0.0014299999456852674,false,false,false,false,,false,false,2011-08-09T19:55:00.000Z,0