CVE-2020-20093: 
Homebrew vulnerability analysis and mitigation

The Facebook Messenger app for iOS version 227.0 and prior, and Android version 228.1.0.10.116 and prior contains a URI spoofing vulnerability in its user interface. The vulnerability was assigned CVE-2020-20093 and affects how URI messages are displayed to users (NVD).

The vulnerability stems from improper representation of URI messages in the user interface, which allows for URI spoofing through specially crafted messages. The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N, indicating that it requires user interaction but can lead to high impact on integrity (NVD).

When exploited, this vulnerability allows attackers to perform URI spoofing via specially crafted messages, potentially misleading users about the true destination of links. This could be used in phishing attacks or other social engineering attempts to deceive users about the authenticity of links (NVD).

Users should update their Facebook Messenger applications to versions newer than 227.0 for iOS and 228.1.0.10.116 for Android to protect against this vulnerability (NVD).