CVE-2020-5623

Summary

NITORI App for Android versions 6.0.4 and earlier and NITORI App for iOS versions 6.0.2 and earlier allow remote attackers to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phishing attack.

Affected Software

VendorProductVersion RangeStatus
Nitori Holdings Co., Ltd.NITORI App for Android and NITORI App for iOSNITORI App for Android versions 6.0.4 and earlier and NITORI App for iOS versions 6.0.2 and earlieraffected

Weaknesses

  • Fails to restrict access

ADP Enrichment

CVE Program Container

Additional References

References