Client Secret Leakage in Matsuya Line 13.6.1: Exploiting Channel Access Token for Crafted Broadcast Messages

Client Secret Leakage in Matsuya Line 13.6.1: Exploiting Channel Access Token for Crafted Broadcast Messages

CVE-2023-39737 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

The leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messages.

Learn more about our Web Application Penetration Testing UK.