2 matches found
CVE-2020-5667
Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...
CVE-2020-5667
Studyplus App (Android v6.3.7 and earlier; iOS v8.29.0 and earlier) contains a hard-coded API key for an external service, enabling an attacker to retrieve the key by analyzing app data. Root cause: hard-coded credentials in the client. Impact: potential exposure of the external service API key; ...