5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
0.0005 Low
EPSS
Percentile
17.8%
LINE@ provided by LINE Corporation is an application used to communicate with others. LINE@ is vulnerable to MITM (man-in-the-middle) attacks since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker.
A script may be injected by a MITM (man-in-the-middle) attacker. As a result, any API can be invoked through the injected script.
Update the software
Update to the latest version according to the information provided by the developer.
According to the developer, this vulnerability was addressed on the server side. However, the developer recommends updating the application for security purposes.