CVE-2023-40530

CVE-2023-40530

EPSS 0.5%

Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access an arbitrary website via another application installed on the user's device.

Affected products

SKYLARK HOLDINGS CO., LTD. · 'Skylark' App for Android SKYLARK HOLDINGS CO., LTD. · 'Skylark' App for iOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://apps.apple.com/jp/app/%E3%81%99%E3%81%8B%E3%81%84%E3%82%89%E3%83%BC%E3%81%8F%E3%82%A2%E3%83%97%E3%83%AA/id906930478 https://jvn.jp/en/jp/JVN03447226/https://play.google.com/store/apps/details?id=jp.co.skylark.app.gusto