Android App 'Mercari' (Japan version) prior to version 3.52.0 allows arbitrary method execution of a Java object by a remote attacker via a Man-In-The-Middle attack by using Java Reflection API of JavaScript code on WebView.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://jvn.jp/en/jp/JVN93167107/index.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: jpcert
Published: 2020-07-09T01:05:20
Updated: 2024-08-04T08:30:24.580Z
Reserved: 2020-01-06T00:00:00
Link: CVE-2020-5604
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-07-09T02:15:10.527
Modified: 2024-11-21T05:34:20.907
Link: CVE-2020-5604
Redhat
No data.