48 matches found
CVE-2023-48129
An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-48135
An issue in mimasakafarm mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-48131
An issue in CHIGASAKI BAKERY mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-48128
An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-48130
An issue in GINZA CAFE mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-48126
An issue in Luxe Beauty Clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
Design/Logic Flaw
An issue in CHIGASAKI BAKERY mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
Information disclosure
An issue in GINZA CAFE mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
Design/Logic Flaw
An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
Code injection
An issue in angel coffee mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-48126
The CVE-2023-48126 entry concerns the Luxe Beauty Clinic mini-app on Line v13.6.1. The vulnerability arises from leakage of the channel access token, enabling attackers to craft and send malicious notifications. Affected component: Luxe Beauty Clinic mini-app; root cause: exposure/leak of the cha...
CVE-2023-48132
An issue in kosei entertainment esportsstudioLegends mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-48133
CVE-2023-48133 affects Line’s angel coffee mini-app (Line v13.6.1). The underlying issue is leakage of the channel access token, enabling attackers to send crafted malicious notifications. CVSS: Network attack, low complexity, low privileges, no user interaction, confidentiality/integrity impact ...
CVE-2023-48127
An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-48132
The CVE-2023-48132 issue affects Line v13.6.1 in the kosei entertainment esportsstudioLegends mini-app, where leakage of the channel access token enables attackers to send crafted malicious notifications. Sources consistently describe the vulnerability as tied to the mini-app’s handling of tokens...
CVE-2023-48131
An issue in CHIGASAKI BAKERY mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-48135
The CVE-2023-48135 issue affects the Line platform’s mimasaka_farm mini-app (Line v13.6.1). The root cause is leakage of the channel access token, which enables a remote attacker to send crafted malicious notifications. This is described across multiple connected sources (Red Hat, NVD, CVE lists)...
CVE-2023-48129
An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-48128
An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...
CVE-2023-43997
An issue in Yoruichi hobby base mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token...