4 matches found
CVE-2021-20835
Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari Merpay - Marketplace and Mobile Payments App' Japan version versions prior to 4.49.1 allows a remote attacker to lead a user to access an arbitrary website and the website launches an arbitrary Activity ...
CVE-2021-20835
Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari Merpay - Marketplace and Mobile Payments App' Japan version versions prior to 4.49.1 allows a remote attacker to lead a user to access an arbitrary website and the website launches an arbitrary Activity ...
CVE-2021-20835
The CVE-2021-20835 issue affects the Android app Mercari (Merpay) – Marketplace and Mobile Payments App (Japan version) prior to 4.49.1. It is described as improper handling of Intent (CWE-939) for a custom URL scheme, enabling a remote attacker to coerce a user to visit a malicious site which ca...
Android App "Mercari (Merpay) - Marketplace and Mobile Payments App" (Japan version) vulnerable to improper handling of Intent
Overview Android App "Mercari Merpay - Marketplace and Mobile Payments App" Japan version provided by Mercari, Inc. is vulnerable to improper handling of Intent CWE-939. RyotaK reported this vulnerability to Mercari, Inc. and Mercari, Inc. reported it to JPCERT/CC to disclose the vulnerability...