Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app.
[
{
"product": "Studyplus App",
"vendor": "Studyplus Inc.",
"versions": [
{
"status": "affected",
"version": "for Android v6.3.7 and earlier, and for iOS v8.29.0 and earlier"
}
]
}
]