Vulnrichment / MITRE: VULNRICHMENT:CVE-2023-51219
History: Jun 03, 2024 - 12:00 a.m.

CVE-2023-51219

2024-06-03 00:00:00
mitre
github.com
3
kakaotalk
javascript execution
access token leak
deep link validation
remote adversary

AI Score: 6.3
Confidence: Low
EPSS: 0
Percentile: 9.1%

SSVC
Exploitation: none
Automatable: no
Technical Impact: partial

A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in an HTTP request header. Ultimately, this access token could be used to take over another user’s account and read her/his chat messages.
