‘Yahoo! JAPAN’ App for Android v2.3.1 to v3.161.1 and ‘Yahoo! JAPAN’ App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of ‘Yahoo! JAPAN’ App via other app installed on the user’s device.
Vendor | Product | Version | CPE |
---|---|---|---|
ly_corporation | \'yahoo\!_japan\'_app_for_android | * | cpe:2.3:a:ly_corporation:\'yahoo\!_japan\'_app_for_android:*:*:*:*:*:*:*:* |
ly_corporation | \'yahoo\!_japan\'_app_for_ios | * | cpe:2.3:a:ly_corporation:\'yahoo\!_japan\'_app_for_ios:*:*:*:*:*:*:*:* |
[
{
"vendor": "LY Corporation",
"product": "'Yahoo! JAPAN' App for Android",
"versions": [
{
"version": "v2.3.1 to v3.161.1",
"status": "affected"
}
]
},
{
"vendor": "LY Corporation",
"product": "'Yahoo! JAPAN' App for iOS",
"versions": [
{
"version": "v3.2.2 to v4.109.0",
"status": "affected"
}
]
}
]