2 matches found
CVE-2021-20835
Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari Merpay - Marketplace and Mobile Payments App' Japan version versions prior to 4.49.1 allows a remote attacker to lead a user to access an arbitrary website and the website launches an arbitrary Activity ...
CVE-2021-20835
The CVE-2021-20835 issue affects the Android app Mercari (Merpay) – Marketplace and Mobile Payments App (Japan version) prior to 4.49.1. It is described as improper handling of Intent (CWE-939) for a custom URL scheme, enabling a remote attacker to coerce a user to visit a malicious site which ca...