CVE-2023-43988

Name of the Vulnerable Software and Affected Versions Line version 13.6.1

Description An issue in the nature fitness saijo mini-app on Line allows attackers to send crafted malicious notifications via leakage of the channel access token.

Recommendations For version 13.6.1, consider restricting access to the mini-app until a patch is available to prevent the leakage of the channel access token. As a temporary workaround, avoid using the nature fitness saijo mini-app on Line version 13.6.1 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.