GeniexWebView XSS in com.transsion.aiassistantlifestyle_CVE-2026-10510

6.1 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Description

Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted web_action_data URL parameter.

Basic Information

ID CVE-2026-10510

Source TECNOMobile

Published Jun 2, 2026 at 01:56

Modified Jun 2, 2026 at 13:35

Affected Product

Vendor TECNO Mobile

Product com.transsion.aiassistantlifestyle

Version v1.3.0.002

Affected Versions TECNO Mobile com.transsion.aiassistantlifestyle v1.3.0.002

CWE Classification

CWE-79

References

security.tecno.com /SRC/securityUpdates

{
    "lastseen": "",
    "description": "Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted web_action_data URL parameter.",
    "published": "2026-06-02T01:56:42.448Z",
    "modified": "2026-06-02T13:35:44.676Z",
    "type": "cve",
    "title": "GeniexWebView XSS in com.transsion.aiassistantlifestyle",
    "source": "TECNOMobile",
    "references": "https://security.tecno.com/SRC/securityUpdates",
    "id": "CVE-2026-10510",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "TECNO Mobile com.transsion.aiassistantlifestyle v1.3.0.002",
    "sourceHref": "",
    "cvss": {
        "score": 6.1,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "com.transsion.aiassistantlifestyle",
    "version": "v1.3.0.002",
    "vendor": "TECNO Mobile",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}