12 matches found
EUVD-2022-44965
Malicious code in bioql PyPI...
CVE-2022-41797
Improper authorization in handler for custom URL scheme vulnerability in Lemon8 App for Android versions prior to 3.3.5 and Lemon8 App for iOS versions prior to 3.3.5 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a...
CVE-2022-41797
Improper authorization in handler for custom URL scheme vulnerability in Lemon8 App for Android versions prior to 3.3.5 and Lemon8 App for iOS versions prior to 3.3.5 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a...
CVE-2022-41797
Improper authorization in handler for custom URL scheme vulnerability in Lemon8 App for Android versions prior to 3.3.5 and Lemon8 App for iOS versions prior to 3.3.5 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a...
Authorization
Improper authorization in handler for custom URL scheme vulnerability in Lemon8 App for Android versions prior to 3.3.5 and Lemon8 App for iOS versions prior to 3.3.5 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a...
CVE-2022-41797
The CVE-2022-41797 entry describes an improper authorization flaw in Lemon8 App’s handler for a custom URL scheme.Affected software: Lemon8 App for Android and iOS (prior to version 3.3.5).Cause: the app fails to restrict URL scheme access, enabling a remote attacker to direct a user to an arbitr...
PT-2022-26076 · Unknown · Lemon8 App For Android +1
Name of the Vulnerable Software and Affected Versions: Lemon8 App for Android versions prior to 3.3.5 Lemon8 App for iOS versions prior to 3.3.5 Description: The issue is related to improper authorization in the handler for a custom URL scheme, allowing a remote attacker to lead a user to access ...
CVE-2022-41797
Improper authorization in handler for custom URL scheme vulnerability in Lemon8 App for Android versions prior to 3.3.5 and Lemon8 App for iOS versions prior to 3.3.5 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a...
CVE-2022-41797
Improper authorization in handler for custom URL scheme vulnerability in Lemon8 App for Android versions prior to 3.3.5 and Lemon8 App for iOS versions prior to 3.3.5 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a...
Lemon8 App fails to restrict access permissions
Overview Lemon8 by ByteDance K.K. provides the function to access a requested URL using Custom URL Scheme/DeepLink. The App does not restrict access to the function properly CWE-939 which may be exploited to direct the App to access any sites. Ryo Sato of BroadBand Security,Inc. reported this...
JVN#10921428: Lemon8 App fails to restrict access permissions
Lemon8 by ByteDance K.K. provides the function to access a requested URL using Custom URL Scheme/DeepLink. The App does not restrict access to the function properly CWE-939 which may be exploited to direct the App to access any sites. Impact A remote attacker may lead a user to access an arbitrar...
ByteDance Lemon8 安全漏洞
ByteDance Lemon8 is a lifestyle messaging application for young people from China's ByteDance. A security vulnerability exists in ByteDance Lemon8 versions prior to 3.3.5. The vulnerability stems from the fact that it does not have reasonably restricted access privileges, which could allow a remo...