Vulnerabilities > CVE-2021-20715 - Missing Authorization vulnerability in Recruit-Holdings HOT Pepper Gourmet 4.111.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
Improper access control vulnerability in Hot Pepper Gourmet App for Android ver.4.111.0 and earlier, and for iOS ver.4.111.0 and earlier allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |