Improper authorization in handler for custom URL scheme issue in βZOZOTOWNβ App for Android versions prior to 7.39.6 allows an attacker to lead a user to access an arbitrary website via another application installed on the userβs device. As a result, the user may become a victim of a phishing attack.
[
{
"vendor": "ZOZO, Inc.",
"product": "'ZOZOTOWN' App for Android",
"versions": [
{
"version": "prior to 7.39.6",
"status": "affected"
}
]
}
]