Client Secret Leakage in Matsuya Line 13.6.1: Exploiting Channel Access Token for Crafted Broadcast Messages
CVE-2023-39737 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
The leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.
Learn more about our Web Application Penetration Testing UK.