CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1143
https://notcve.org/view.php?id=CVE-2024-1143
Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass. Las versiones de Central Dogma anteriores a la 0.64.0 son vulnerables a Cross-Site Scripting (XSS), lo que podría permitir la fuga de sesiones de usuario y la posterior omisión de autenticación. • https://github.com/line/centraldogma/security/advisories/GHSA-34q3-p352-c7q8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48127
https://notcve.org/view.php?id=CVE-2023-48127
An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la miniaplicación myGAKUYA en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/myGAKUYA.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48131
https://notcve.org/view.php?id=CVE-2023-48131
An issue in CHIGASAKI BAKERY mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la miniaplicación CHIGASAKI BAKERY en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/CHIGASAKI%20BAKERY.md •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48126
https://notcve.org/view.php?id=CVE-2023-48126
An issue in Luxe Beauty Clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la miniaplicación Luxe Beauty Clinic en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/Luxe%20Beauty%20Clinic.md •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2023-48128
https://notcve.org/view.php?id=CVE-2023-48128
An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token. Un problema en la miniaplicación UNITED BOXING GYM en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal. • https://github.com/syz913/CVE-reports/blob/main/UNITED%20BOXING%20GYM.md •