CVE-2023-39739
First published: Wed Oct 25 2023(Updated: )
The leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linecorp Regina Sweets\&bakery | =13.6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-39739?
The severity of CVE-2023-39739 is high with a severity value of 8.2.
How can attackers exploit CVE-2023-39739?
Attackers can exploit CVE-2023-39739 by obtaining the channel access token and sending crafted broadcast messages.
What software version is affected by CVE-2023-39739?
REGINA SWEETS&BAKERY Line 13.6.1 is affected by CVE-2023-39739.
How can I fix CVE-2023-39739?
To fix CVE-2023-39739, update REGINA SWEETS&BAKERY Line to a version that is not affected by the vulnerability.
Where can I find more information about CVE-2023-39739?
You can find more information about CVE-2023-39739 in the following references: [GitHub](https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39739.md) and [Line LIFF documentation](https://liff.line.me/1656985266-EmlxqQQx).
- collector/nvd-api
- vendor/linecorp
- canonical/linecorp regina sweets\&bakery
- version/linecorp regina sweets\&bakery/13.6.1