Описание
LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks.
Ссылки
- Permissions RequiredThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 13.8.0 (включая) до 15.5.0 (включая)
cpe:2.3:a:linecorp:line:*:*:*:*:*:android:*:*
EPSS
Процентиль: 8%
0.00029
Низкий
3.4 Low
CVSS3
4.7 Medium
CVSS3
Дефекты
CWE-451
Связанные уязвимости
CVSS3: 3.4
github
около 2 месяцев назад
LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks.
EPSS
Процентиль: 8%
0.00029
Низкий
3.4 Low
CVSS3
4.7 Medium
CVSS3
Дефекты
CWE-451