Published: 2024/01/24  Last Updated: 2024/01/24

Information from Mercari, Inc.

Vulnerability ID:JVN#70818619
Title:"Mercari" App for Android fails to restrict custom URL schemes properly
Status:Vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.

This vulnerability was remediated in version 5.78.0 of the application. We highly recommend the users update the application to the latest version. Furthermore, we confirmed that there have been no cases of users being affected by this vulnerability being exploited in the past. This vulnerability was reported by JPCERT/CC via e-mail.