CVE-2024-46960

EUVD-2024-42162
The ASD com.rocks.video.downloader (aka HD Video Downloader All Format) application through 7.0.129 for Android allows an attacker to execute arbitrary JavaScript code via the com.rocks.video.downloader.MainBrowserActivity component.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
asdcomhd_video_downloader
𝑥
≤ 7.0.129_for_android
ADP
Common Weakness Enumeration
References
https://github.com/actuator/com.rocks.video.downloader/blob/main/CVE-2024-46960