Register
Login
Toggle navigation
SaaS Solutions
Vulnerability Intelligence
Pricing
Vulnerabilities
Reports
Blog
Contact Us
Career
Main
Vulnerability Database
CWE List
With exploit
With patch
CWE-939 - Improper Authorization in Handler for Custom URL Scheme
Description
The software uses a handler for a custom URL scheme, but it does not properly restrict which actors can invoke the handler using the scheme.
Latest vulnerabilities for CWE-939
Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2022-02-08
High
Yes
Improper Authorization in Handler for Custom URL Scheme in Yappli app
2022-01-04
Low
Yes
Information disclosure in Mercari (Merpay) - Marketplace and Mobile Payments App
2021-10-29
Medium
Yes
Improper Authorization in Handler for Custom URL Scheme in Nike App
2021-10-08
Low
Yes
Remote code execution in Apple macOS
2021-09-22
Critical
No
Multiple vulnerabilities in Retty App
2021-07-14
Low
Yes
References
Description of CWE-939 on Mitre website