CVE-2025-41408 in Yahoo Shopping Appinformazioni

Riassunto

di MITRE • 05/09/2025

Improper authorization in handler for custom URL scheme issue in "Yahoo! Shopping" App for Android versions prior to 14.15.0 allows a remote unauthenticated attacker may lead a user to access an arbitrary website on the vulnerable App. As a result, the user may become a victim of a phishing attack.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsabile

Jpcert

Prenotare

29/08/2025

Divulgazione

05/09/2025

Moderazione

accettato

CPE

pronto

EPSS

0.00253

KEV

no

Attività

molto basso

Fonti

Might our Artificial Intelligence support you?

Check our Alexa App!