URI Spoofing Vulnerability in Instagram for iOS and Android by Facebook
CVE-2020-20094

6.5MEDIUM

Key Information:

Vendor

Facebook

Status
Instagram
Vendor
CVE Published:
23 March 2022

What is CVE-2020-20094?

A vulnerability exists in Instagram for iOS and Android that fails to properly represent URI messages in its user interface. This flaw allows attackers to exploit URI spoofing by crafting malicious messages that can mislead users into believing the messages originate from legitimate sources. Users on Instagram versions iOS 106.0 and earlier, as well as Android 107.0.0.11 and earlier, are particularly at risk. The inadequate representation of URI messages poses significant security concerns, potentially exposing users to phishing attacks and other malicious activities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/zadewg/RIUS
x_refsource_MISC
http://packetstormsecurity.com/files/166448/RTLO-Injectio...
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.