Vulnerabilities > Linecorp > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-02 CVE-2024-1143 Cross-site Scripting vulnerability in Linecorp Central Dogma
Central Dogma versions prior to 0.64.1 is vulnerable to Cross-Site Scripting (XSS), which could allow for the leakage of user sessions and subsequent authentication bypass.
network
low complexity
linecorp CWE-79
6.1
6.1
2024-01-26 CVE-2023-48129 Unspecified vulnerability in Linecorp Line 13.6.1
An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
network
low complexity
linecorp
5.4
5.4
2024-01-26 CVE-2023-48126 Unspecified vulnerability in Linecorp Line 13.6.1
An issue in Luxe Beauty Clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
network
low complexity
linecorp
5.4
5.4
2024-01-26 CVE-2023-48127 Unspecified vulnerability in Linecorp Line 13.6.1
An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
network
low complexity
linecorp
5.4
5.4
2024-01-26 CVE-2023-48128 Unspecified vulnerability in Linecorp Line 13.6.1
An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
network
low complexity
linecorp
5.4
5.4
2024-01-26 CVE-2023-48130 Unspecified vulnerability in Linecorp Line 13.6.1
An issue in GINZA CAFE mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
network
low complexity
linecorp
5.4
5.4
2024-01-26 CVE-2023-48131 Unspecified vulnerability in Linecorp Line 13.6.1
An issue in CHIGASAKI BAKERY mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
network
low complexity
linecorp
5.4
5.4
2024-01-26 CVE-2023-48132 Unspecified vulnerability in Linecorp Line 13.6.1
An issue in kosei entertainment esportsstudioLegends mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
network
low complexity
linecorp
5.4
5.4
2024-01-26 CVE-2023-48133 Unspecified vulnerability in Linecorp Line 13.6.1
An issue in angel coffee mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
network
low complexity
linecorp
5.4
5.4
2024-01-26 CVE-2023-48135 Unspecified vulnerability in Linecorp Line 13.6.1
An issue in mimasaka_farm mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token.
network
low complexity
linecorp
5.4
5.4