What the vulnerability does

01Description

A remote web page could inject arbitrary HTML code into the Oculus Browser UI, allowing an attacker to spoof UI and potentially execute code. This affects the Oculus Browser starting from version 5.2.7 until 5.7.11.

Key dates

02Disclosure timeline

April 29, 2019 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE