CVE-2023-39507
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Published Aug 16, 2023
Updated: Aug 22, 2023
CWE ID 862
Summary
CVE-2023-39507 is a vulnerability affecting the "Rikunabi NEXT" App for Android versions prior to 11.5.0. This issue involves an improper authorization in the custom URL scheme handler, allowing a malicious actor to manipulate the App into accessing unintended websites. This could potentially lead to unauthorized data access or theft, as well as other security risks. Users are recommended to update their App to the latest version to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Recruit Holdings Co., Ltd.