CVE-2023-45560

Name of the Vulnerable Software and Affected Versions Yasukawa memberscard version 13.6.1

Description An issue in the software allows attackers to send crafted notifications via leakage of the channel access token. This can potentially lead to unauthorized access and manipulation of user notifications.

Recommendations For Yasukawa memberscard version 13.6.1, consider restricting access to the notification system until a patch is available. As a temporary workaround, disabling the notification feature can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.