CVE-2015-0897: LINE script injection

2015-03-20T00:00:00
ID CVE-2015-0897
Type cve
Reporter NVD
Modified 2015-03-20T00:00:00

Description

LINE is vulnerable to MITM (man-in-the-middle) attacks, caused by non-SSL/TLS communications. A remote attacker could exploit this vulnerability to inject malicious script in a LINE application within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.