CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-54125: Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead...

3.3 CVSS

Description

Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack.

Classification

CVE ID: CVE-2024-54125

CVSS Base Severity: LOW

CVSS Base Score: 3.3

Affected Products

Vendor: SHUEISHA INC.

Product: "Shonen Jump+" App for Android

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.48% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://shonenjumpplus.com/article/info20241216
https://jvn.jp/en/jp/JVN08430039/

Timeline

2024-12-18 00:30:39 UTC
CVE

Improper authorization in handler for custom URL scheme issue in "Shonen Jump+" App for Android versions prior to 4.0.0 allows an attacker to lead...