Last update: July 14, 2021 Improper Authorization in Handler for Custom URL Scheme The software uses a handler for a custom URL scheme, but it does not properly restrict which actors can invoke the handler using the scheme.