[Japanese] | |
JVNDB-2015-000133 | |
Koritore vulnerable to URL whitelist bypass | |
Overview | |
Koritore provided by Newphoria Corporation Inc. is an application for both iOS or Android built using "applican". Koritore contains an issue where an arbitrary page may be loaded if the application is launched using the URL-scheme. | |
CVSS Severity (What is CVSS?) | |
CVSS V2 Severity:
Base Metrics 6.8 (Medium) [IPA Score]
| |
Affected Products | |
| |
Newphoria Corporation | |
| |
Impact | |
Android version of this app may allow an applican API to be executed if that API has been granted permission in the android manifest. | |
Solution | |
[Update the Software] | |
Vendor Information | |
Newphoria Corporation | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2015/09/16 |
Date First Published | 2015/09/16 |
Date Last Updated | 2015/10/02 |