← Back

The League

the_league

Vendor: Theleague • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-12624
1Theleague
1The League
Nov 21, 2024
May 3, 2020
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
The League application before 2020-05-02 on Android sends a bearer token in an HTTP Authorization header to an arbitrary web site that hosts an external image because an OkHttp object is reused, which allows remote attac...Show more
The League application before 2020-05-02 on Android sends a bearer token in an HTTP Authorization header to an arbitrary web site that hosts an external image because an OkHttp object is reused, which allows remote attackers to hijack sessions.Show less