CVE-2023-48130

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 26, 2024
Updated: Jan 29, 2024

Summary

CVE-2023-48130 is a vulnerability affecting the GINZA CAFE mini-app on Line version 13.6.1. This issue grants attackers the ability to send malicious notifications, exploiting the leakage of the channel access token. Attackers can manipulate the notifications to distribute phishing links, install malware, or perform unauthorized actions on the affected Line account. The vulnerability poses a significant risk to user privacy and security, and users are advised to update their apps to the latest version as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share