CVE-2023-39736
First published: Wed Oct 25 2023(Updated: )
The leakage of the client secret in Fukunaga_memberscard Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linecorp Fukunaga Memberscard | =13.6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-39736?
CVE-2023-39736 is a vulnerability in Fukunaga_memberscard Line 13.6.1 that allows attackers to obtain the channel access token and send crafted broadcast messages.
What is the severity level of CVE-2023-39736?
The severity level of CVE-2023-39736 is high, with a CVSS score of 8.2.
How can attackers exploit CVE-2023-39736?
Attackers can exploit CVE-2023-39736 to obtain the client secret and channel access token, allowing them to send crafted broadcast messages.
How can I fix CVE-2023-39736?
To fix CVE-2023-39736, it is recommended to upgrade to a secure version of Fukunaga_memberscard Line, such as version 13.6.2 or later, which addresses the vulnerability.
Where can I find more information about CVE-2023-39736?
More information about CVE-2023-39736 can be found in the following references: [CVE-2023-39736 on GitHub](https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39736.md) and [Fukunaga_memberscard Line on LIFF](https://liff.line.me/1657606123-4Kp0xVrP).
- collector/nvd-api
- agent/references
- agent/author
- agent/severity
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- vendor/linecorp
- canonical/linecorp fukunaga memberscard
- version/linecorp fukunaga memberscard/13.6.1