Foresight News App pro.foresightnews.appa AndroidManifest.xml improper export of android application...

4.8 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability classified as problematic was found in Foresight News App up to 2.6.4 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml of the component pro.foresightnews.appa. The manipulation leads to improper export of android application components. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-7893

Source VulDB

Published Jul 20, 2025 at 13:44

Modified Jul 21, 2025 at 12:44

Affected Product

Vendor Foresight

Product News App

Version 2.6.0

Affected Versions Foresight News App 2.6.0
Foresight News App 2.6.1
Foresight News App 2.6.2
Foresight News App 2.6.3
Foresight News App 2.6.4

CWE Classification

CWE-926

References

{
    "lastseen": "",
    "description": "A vulnerability classified as problematic was found in Foresight News App up to 2.6.4 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml of the component pro.foresightnews.appa. The manipulation leads to improper export of android application components. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-07-20T13:44:05.401Z",
    "modified": "2025-07-21T12:44:48.353Z",
    "type": "cve",
    "title": "Foresight News App pro.foresightnews.appa AndroidManifest.xml improper export of android application components",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.317008\nhttps://vuldb.com/?ctiid.317008\nhttps://vuldb.com/?submit.615292\nhttps://github.com/KMov-g/androidapps/blob/main/pro.foresightnews.app.md\nhttps://github.com/KMov-g/androidapps/blob/main/pro.foresightnews.app.md#steps-to-reproduce",
    "id": "CVE-2025-7893",
    "bulletinFamily": "",
    "cwe": [
        "CWE-926"
    ],
    "cvelist": null,
    "sourceData": "Foresight News App 2.6.0\nForesight News App 2.6.1\nForesight News App 2.6.2\nForesight News App 2.6.3\nForesight News App 2.6.4",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "News App",
    "version": "2.6.0",
    "vendor": "Foresight",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Foresight News App pro.foresightnews.appa AndroidManifest.xml improper export of android application components_CVE-2025-7893