Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted web_action_data URL parameter.
References
| Link | Resource |
|---|---|
| https://security.tecno.com/SRC/securityUpdates |
Configurations
No configuration.
History
02 Jun 2026, 14:16
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
02 Jun 2026, 03:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-02 03:16
Updated : 2026-06-17 10:12
NVD link : CVE-2026-10510
Mitre link : CVE-2026-10510
CVE.ORG link : CVE-2026-10510
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
