Vulnerabilities > CVE-2024-45203 - Unspecified vulnerability in Istyle @Cosme

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

istyle

NVD

Published: 2024-09-09

Updated: 2024-09-16

Summary

Improper authorization in handler for custom URL scheme issue in "@cosme" App for Android versions prior 5.69.0 and "@cosme" App for iOS versions prior to 6.74.0 allows an attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack.

Vulnerable Configurations

Part	Description	Count
Application	Istyle Istyle @Cosme *	2

References

https://jvn.jp/en/jp/JVN81570776/