Vulnerability Description
Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access an arbitrary website via another application installed on the user's device.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Skylark | Skylark | <= 6.2.13 |
Related Weaknesses (CWE)
References
- https://apps.apple.com/jp/app/%E3%81%99%E3%81%8B%E3%81%84%E3%82%89%E3%83%BC%E3%8Product
- https://jvn.jp/en/jp/JVN03447226/Third Party Advisory
- https://play.google.com/store/apps/details?id=jp.co.skylark.app.gustoProduct
- https://apps.apple.com/jp/app/%E3%81%99%E3%81%8B%E3%81%84%E3%82%89%E3%83%BC%E3%8Product
- https://jvn.jp/en/jp/JVN03447226/Third Party Advisory
- https://play.google.com/store/apps/details?id=jp.co.skylark.app.gustoProduct
FAQ
What is CVE-2023-40530?
CVE-2023-40530 is a vulnerability with a CVSS score of 4.7 (MEDIUM). Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access ...
How severe is CVE-2023-40530?
CVE-2023-40530 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-40530?
Check the references section above for vendor advisories and patch information. Affected products include: Skylark Skylark.