CVE-2024-54125 LOW

CVE-2024-54125

Vendor Shueisha Inc.
Product "Shonen Jump+" App for Android
Weakness CWE-939
Published December 17, 2024
Last update December 17, 2024

CVSS base score

3.3/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack.

Key dates

02Disclosure timeline

December 17, 2024 CVE published
December 17, 2024 Record updated