PT-2025-3362 · Apple · Ios
Zhouziyi1
·
Published
2025-01-27
·
Updated
2025-01-27
·
CVE-2024-56960
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Tianjin Xiaowu Information technology Co., Ltd BeiKe Holdings iOS version 1.3.50
Description
The issue allows attackers to access sensitive user information via supplying a crafted link.
Recommendations
For Tianjin Xiaowu Information technology Co., Ltd BeiKe Holdings iOS version 1.3.50, consider avoiding the use of crafted links until a patch is available. As a temporary workaround, restrict access to sensitive user information to minimize the risk of exploitation.
Fix
Open Redirect
Insecure Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ios