Client Secret Leakage in Kaibutsunosato v13.6.1: Exploiting Channel Access Token for Unauthorized Broadcast Messages
CVE-2023-39731 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
The leakage of the client secret in Kaibutsunosato v13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.
Learn more about our Web Application Penetration Testing UK.