CVE-2024-54125 | THREATINT

Description

Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack.

PUBLISHED Reserved 2024-11-29 | Published 2024-12-17 | Updated 2024-12-17 | Assigner jpcert

LOW: 3.3CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Problem types

Improper authorization in handler for custom URL scheme

Product status

prior to 4.0.0

affected

References

shonenjumpplus.com/article/info20241216

jvn.jp/en/jp/JVN08430039/

cve.org (CVE-2024-54125)

nvd.nist.gov (CVE-2024-54125)