Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-28387

Published: 30/06/2023 Updated: 07/07/2023
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

"NewsPicks" App for Android versions 10.4.5 and previous versions and "NewsPicks" App for iOS versions 10.4.2 and previous versions use hard-coded credentials, which may allow a local malicious user to analyze data in the app and to obtain API key for an external service.

Vulnerable Product Search on Vulmon Subscribe to Product

uzabase newspicks

References

CWE-798https://jvn.jp/en/jp/JVN32739265/https://play.google.com/store/apps/details?id=com.newspickshttps://apps.apple.com/us/app/%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%BA%E3%83%94%E3%83%83%E3%82%AF%E3%82%B9-%E3%83%93%E3%82%B8%E3%83%8D%E3%82%B9%E3%81%AB%E5%BD%B9%E7%AB%8B%E3%81%A4%E7%B5%8C%E6%B8%88%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%A2%E3%83%97%E3%83%AA/id640956497https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middlecommand injectionCVE-2021-47511CVE-2024-26238CVE-2024-4858CVE-2024-21305XXECVE-2021-47555CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook