exploitDog

CVE-2023-39740

Опубликовано: 25 окт. 2023

Источник: nvd

CVSS3: 8.2

EPSS Низкий

Описание

The leakage of the client secret in Onigiriya-musubee Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.

Ссылки

https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39740.md
Exploit
Third Party Advisory
https://liff.line.me/1657597257-0ozj8DwJ
Product
https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39740.md
Exploit
Third Party Advisory
https://liff.line.me/1657597257-0ozj8DwJ
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:linecorp:onigiriya-musubee:13.6.1:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.00186

Низкий

8.2 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-269

Связанные уязвимости

GHSA-7pc9-4xmj-8wv3

CVSS3: 7.5

github

больше 2 лет назад

The leakage of the client secret in Onigiriya-musubee Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.

EPSS

Процентиль: 41%

0.00186

Низкий

8.2 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-269