Описание
A valid set of credentials in a .js file and a static token for communication were obtained from the decompiled IPA. An attacker could use the information to disrupt normal use of the application by changing the translation files and thus weaken the integrity of normal use.
EPSS
Процентиль: 13%
0.00043
Низкий
4.4 Medium
CVSS3
Дефекты
CWE-497
Связанные уязвимости
CVSS3: 4.4
github
около 1 года назад
A valid set of credentials in a .js file and a static token for communication were obtained from the decompiled IPA. An attacker could use the information to disrupt normal use of the application by changing the translation files and thus weaken the integrity of normal use.
EPSS
Процентиль: 13%
0.00043
Низкий
4.4 Medium
CVSS3
Дефекты
CWE-497