CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47369
https://notcve.org/view.php?id=CVE-2023-47369
The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers to send malicious notifications. La fuga del token de acceso al canal en best_training_member Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas. • https://github.com/syz913/CVE-reports/blob/main/best_training_member.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47370
https://notcve.org/view.php?id=CVE-2023-47370
The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en bluetrick Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/bluetrick.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47372
https://notcve.org/view.php?id=CVE-2023-47372
The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en UPDATESALON C-LOUNGE Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/UPDATESALON%20C-LOUNGE.md • CWE-326: Inadequate Encryption Strength •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47373
https://notcve.org/view.php?id=CVE-2023-47373
The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send malicious notifications to victims. La fuga del token de acceso al canal en DRAGON FAMILY Line 13.6.1 permite a atacantes remotos enviar notificaciones maliciosas a las víctimas. • https://github.com/syz913/CVE-reports/blob/main/DRAGON%20FAMILY.md • CWE-326: Inadequate Encryption Strength •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0897
https://notcve.org/view.php?id=CVE-2015-0897
LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker. LINE para Android versión 5.0.2 y anteriores y LINE para iOS versión 5.0.0 y anteriores son vulnerables a ataques MITM (man-in-the-middle) ya que la aplicación permite comunicaciones que no sean SSL/TLS. Como resultado, cualquier API puede ser invocada desde un script inyectado por un atacante MITM (man-in-the-middle). • http://official-blog.line.me/ja/archives/24809761.html https://jvn.jp/en/jp/JVN41281927 • CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •