Loading market data...
← Back to CVE feed

CVE-2026-10510

MEDIUM CVSS 6.1 View on NVD ↗

Description

Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted web_action_data URL parameter.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Published: Jun 02, 2026 03:16 UTC Modified: Jun 02, 2026 14:50 UTC