CVE-2024-28895

Published: Apr 1, 2024

Modified: Nov 6, 2024

PUBLISHED

Description

'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN' App via other app installed on the user's device.

Vendor	Product	Versions
LY Corporation	'Yahoo! JAPAN' App for Android	affected `v2.3.1 to v3.161.1`
LY Corporation	'Yahoo! JAPAN' App for iOS	affected `v3.2.2 to v4.109.0`

References

https://jvn.jp/en/jp/JVN23528780/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-28895

Description

Affected Products

References