CVE-2021-20715

2021-04-2705:42:33

jpcert

www.cve.org

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.4%

JSON

Improper access control vulnerability in Hot Pepper Gourmet App for Android ver.4.111.0 and earlier, and for iOS ver.4.111.0 and earlier allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App.

CNA Affected

[
  {
    "product": "Hot Pepper Gourmet App",
    "vendor": "Recruit Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "for Android ver.4.111.0 and earlier, and for iOS ver.4.111.0 and earlier"
      }
    ]
  }
]

References

jvn.jp/en/jp/JVN97434260/index.html