CVE-2025-14020

Medium CVSS: 5.4

LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security Toast notification is not properly re-displayed when users return from another application, potentially allowing attackers to conduct phishing attacks by impersonating legitimate interfaces.

Vendor

Linecorp

Product

Line

CWE

CWE-451

Yayın Tarihi

2025-12-15 07:15:50

Güncelleme

2025-12-18 02:04:03

Source Identifier

dl_cve@linecorp.com

KEV Date Added

Kategoriler

CWE-451 Line MEDIUM Linecorp 2025

Referanslar

https://hackerone.com/reports/2547989

Benzer Kayıtlar

Low

CVE-2025-14023

LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app…

Medium

CVE-2025-14021

The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could all…

High

CVE-2025-14022

LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an…

Low

CVE-2025-14019

LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific l…

Medium

CVE-2025-11222

Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to u…