3 matches found
CVE-2021-20747
Improper authorization in handler for custom URL scheme vulnerability in Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App...
CVE-2021-20747
CVE-2021-20747 concerns the Retty App (Android prior to 4.8.13, iOS prior to 4.11.14). The vulnerability is improper authorization in the custom URL scheme handler, which can let a remote attacker direct a user to an arbitrary website via the vulnerable app. Impact is described as user-directed n...
JVN#26891339: Multiple vulnerabilities in Retty App
Retty App provided by Retty Inc. contains multiple vulnerabilities listed below. The app is launched by Custom URL Scheme and a user may be led to access an arbitrary URL CWE-939 - CVE-2021-20747 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N| Base Score:...