Information from Recruit Co., Ltd.
Vulnerability ID:JVN#84820712
Title:"Rikunabi NEXT" App for Android fails to restrict custom URL schemes properly
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
"Rikunabi NEXT" App fails to restrict access permissions.
We have released the fixed version on the Google Play Store. Please update to the latest version.
- Products Affected
"Rikunabi NEXT" App for Android less than ver. 11.5.0.
- Impact
A remote attacker may lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack.
- Solution
Update the Application
# All data is as of August 07, 2023.
