CVE-2023-36612

Published: Jun 25, 2023

Modified: Nov 27, 2024

PUBLISHED

Description

Directory traversal can occur in the Basecamp com.basecamp.bc3 application before 4.2.1 for Android, which may allow an attacker to write arbitrary files in the application's private directory. Additionally, by using a malicious intent, the attacker may redirect the server's responses (containing sensitive information) to third-party applications by using a custom-crafted deeplink scheme.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://hackerone.com/reports/1710541

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-36612

Description

Affected Products

References