CVE-2026-10510

Vulnerability Description

Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted web_action_data URL parameter.

Vulnerability Details

Published Date

June 02, 2026

Last Modified

June 02, 2026

CWE ID

CWE-79

Source

NVD

Vendor

TECNO Mobile

Product

com.transsion.aiassistantlifestyle

External References

https://security.tecno.com/SRC/securityUpdates

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment