Descriptions

LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain conditions. This is usually impossible, but in combination with a server-side bug, attackers could get this information.

Severity

  • CVSS Score: -

Affected Versions

  • LINE client for iOS before 11.15.0

Fix

  • LINE should be updated to latest version.

Reference

  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41011
  • https://hackerone.com/reports/1279524

Updated: