CVE-2023-48128

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Jan 26, 2024

Updated: Jan 29, 2024

Summary

CVE-2023-48128 refers to a vulnerability in the UNITED BOXING GYM mini-app on Line version 13.6.1. This issue enables attackers to exploit a notification leakage vulnerability, granting them access to channel access tokens. Attackers can then craft and send malicious notifications to unsuspecting users, potentially gaining unauthorized access to sensitive information or conducting further attacks. The vulnerability poses a significant risk to users of the affected app and requires immediate mitigation efforts from the developers.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Linecorp

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tYo0r_
https://www.cve.org/CVERecord?id=CVE-2023-48128
https://nvd.nist.gov/vuln/detail/CVE-2023-48128

Back to Vulnerability Database

CVE-2023-48128

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations