The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS (UXSS) vulnerability. This vulnerability allows for cross-site scripting (XSS) where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app...
6.1CVSS
5.7AI Score
0.0004EPSS
Lack of TLS certificate verification in log transmission of a financial module within LINE Client for iOS prior to...
9.8CVSS
8.9AI Score
0.001EPSS
LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group...
7.5CVSS
7.2AI Score
0.001EPSS
LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this...
7.5CVSS
7.1AI Score
0.002EPSS
LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address...
5.3CVSS
5AI Score
0.001EPSS
LINE client for iOS before 10.16.3 allows cross site script with specific header in...
6.1CVSS
5.9AI Score
0.001EPSS