Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJpcertCVELIST:CVE-2021-20873
HistoryDec 28, 2021 - 1:30 a.m.

CVE-2021-20873

2021-12-2801:30:12
jpcert
www.cve.org

8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.0%

JSON

Yappli is an application development platform which provides the function to access a requested URL using Custom URL Scheme. When Android apps are developed with Yappli versions since v7.3.6 and prior to v9.30.0, they are vulnerable to improper authorization in Custom URL Scheme handler, and may be directed to unintended sites via a specially crafted URL.

CNA Affected

[
  {
    "product": "Yappli",
    "vendor": "Yappli, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "versions since v7.3.6 and prior to v9.30.0"
      }
    ]
  }
]

Related

cve 1
nvd 1
jvn 1
cnvd 1
prion 1
cve
cve
CVE-2021-20873
2021-12-28 02:15:06
nvd
nvd
CVE-2021-20873
2021-12-28 02:15:06
jvn
jvn
JVN#66422035: Android Apps developed using Yappli fails to restrict custom URL schemes properly
2021-12-22 00:00:00
cnvd
cnvd
Yappli has unspecified vulnerabilities
2021-12-24 00:00:00
prion
prion
Authorization
2021-12-28 02:15:00

8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.0%

JSON
Related for CVELIST:CVE-2021-20873
cve1nvd1jvn1cnvd1prion1