Cross-Site Scripting Vulnerability in Yahoo! JAPAN App for Android and iOS
CVE-2024-28895

Currently unrated

Key Information:

Vendor: Yahoo! JAPAN
Vendor: CVE Published:; 1 April 2024

🔔 Create Yahoo! JAPAN Vulnerability Alert

What is CVE-2024-28895?

'Yahoo! JAPAN' App for Android v2.3.1 to v3.161.1 and 'Yahoo! JAPAN' App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of 'Yahoo! JAPAN' App via other app installed on the user's device.

References

https://jvn.jp/en/jp/JVN23528780/

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 1, 2024

CVE-2024-28895 Data

JSON