Описание
Improper authorization in handler for custom URL scheme issue in "Mercari" App for Android prior to version 5.78.0 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.78.0 (исключая)
cpe:2.3:a:mercari:mercari:*:*:*:*:*:android:*:*
EPSS
Процентиль: 40%
0.00182
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-862
CWE-862
Связанные уязвимости
CVSS3: 6.1
github
больше 1 года назад
Improper authorization in handler for custom URL scheme issue in "Mercari" App for Android prior to version 5.78.0 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack.
EPSS
Процентиль: 40%
0.00182
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-862
CWE-862