CVE-2026-10510

Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted web_action_data URL parameter.
Configurations

No configuration.

History

02 Jun 2026, 14:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1

02 Jun 2026, 03:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-02 03:16

Updated : 2026-06-17 10:12


NVD link : CVE-2026-10510

Mitre link : CVE-2026-10510

CVE.ORG link : CVE-2026-10510


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')