PT-2025-3363 · Tencent · Wesing
Zhouziyi1
·
Published
2025-01-27
·
Updated
2025-01-27
·
CVE-2024-56962
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Tencent Technology (Shanghai) Co., Ltd WeSing iOS version 9.3.39
Description
An issue in WeSing iOS allows attackers to access sensitive user information via supplying a crafted link.
Recommendations
For version 9.3.39, avoid using links from untrusted sources until a patch is available. As a temporary workaround, consider restricting access to sensitive user information to minimize the risk of exploitation.
Fix
Open Redirect
Insecure Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Wesing