CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43988
https://notcve.org/view.php?id=CVE-2023-43988
24 Jan 2024 — An issue in nature fitness saijo mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la mini-app natural fitness saijo en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas a través de la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43988.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-44000
https://notcve.org/view.php?id=CVE-2023-44000
24 Jan 2024 — An issue in Otakara lapis totuka mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la mini-app Otakara lapis totuka en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-44000.md •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43992
https://notcve.org/view.php?id=CVE-2023-43992
24 Jan 2024 — An issue in STOCKMAN GROUP mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la mini-app STOCKMAN GROUP en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43992.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43995
https://notcve.org/view.php?id=CVE-2023-43995
24 Jan 2024 — An issue in picot.golf mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la mini-app picot.golf en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43995.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-44001
https://notcve.org/view.php?id=CVE-2023-44001
24 Jan 2024 — An issue in Ailand clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la mini-app de la clínica Ailand en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-44001.md •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43990
https://notcve.org/view.php?id=CVE-2023-43990
24 Jan 2024 — An issue in cherub-hair mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la mini-app cherub-hair en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43990.md •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43999
https://notcve.org/view.php?id=CVE-2023-43999
24 Jan 2024 — An issue in COLORFUL_laundry mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la mini-app COLORFUL_laundry en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43999.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43996
https://notcve.org/view.php?id=CVE-2023-43996
24 Jan 2024 — An issue in Q co ltd mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la mini-app Q co ltd en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43996.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43991
https://notcve.org/view.php?id=CVE-2023-43991
24 Jan 2024 — An issue in PRIMA CLINIC mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la mini-app PRIMA CLINIC en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43991.md •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43998
https://notcve.org/view.php?id=CVE-2023-43998
24 Jan 2024 — An issue in Books-futaba mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la mini-app Books-futaba en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43998.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •