{"uuid": "2feee62d-5f5f-45e2-85e6-4a822386df6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-1384", "type": "seen", "source": "https://t.me/cibsecurity/63228", "content": "\u203c CVE-2023-1384 \u203c\n\nThe setMediaSource function on the amzn.thin.pl service does not sanitize the \"source\" parameter allowing for arbitrary javascript code to be runThis issue affects:Amazon Fire TV Stick 3rd gen\u00c2\u00a0versions prior to 6.2.9.5.Insignia TV with FireOS\u00c2\u00a0versions prior to 7.6.3.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T16:31:04.000000Z"}