Nao Komatsu

Researcher fromLAC Co., Ltd.
#22111of 53,635
10.4Total CVSS
Vulnerabilities · 2
Medium
2
PT-2023-26988
6.1
2023-08-16
Unknown · Rikunabi Next App · CVE-2023-39507
**Name of the Vulnerable Software and Affected Versions** Rikunabi NEXT App for Android versions prior to 11.5.0 **Description** The issue is related to improper authorization in the custom URL scheme handler, allowing a malicious intent to lead the vulnerable App to access an arbitrary website. **Recommendations** For versions prior to 11.5.0, update to version 11.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the custom URL scheme handler until a patch is available.
PT-2021-14232
4.3
2021-07-07
Gu App · Gu App · CVE-2021-20777
Name of the Vulnerable Software and Affected Versions: GU App for Android versions 4.8.0 through 5.0.2 Description: The issue is related to improper authorization in the handler for a custom URL scheme, allowing a remote attacker to lead a user to access an arbitrary website via the vulnerable App. Recommendations: For GU App for Android versions 4.8.0 through 5.0.2, update to a version outside of this range to resolve the issue.