Vulnerability Details CVE-2021-20747
Improper authorization in handler for custom URL scheme vulnerability in Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.1%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.3
Products affected by CVE-2021-20747
-
-
cpe:2.3:a:retty:retty:4.10.10
-
cpe:2.3:a:retty:retty:4.10.11
-
cpe:2.3:a:retty:retty:4.10.12
-
cpe:2.3:a:retty:retty:4.10.13
-
cpe:2.3:a:retty:retty:4.10.6
-
cpe:2.3:a:retty:retty:4.10.7
-
cpe:2.3:a:retty:retty:4.10.8
-
cpe:2.3:a:retty:retty:4.10.9
-
cpe:2.3:a:retty:retty:4.11.0
-
cpe:2.3:a:retty:retty:4.11.1
-
cpe:2.3:a:retty:retty:4.11.10
-
cpe:2.3:a:retty:retty:4.11.11
-
cpe:2.3:a:retty:retty:4.11.12
-
cpe:2.3:a:retty:retty:4.11.13
-
cpe:2.3:a:retty:retty:4.11.2
-
cpe:2.3:a:retty:retty:4.11.3
-
cpe:2.3:a:retty:retty:4.11.4
-
cpe:2.3:a:retty:retty:4.11.5
-
cpe:2.3:a:retty:retty:4.11.6
-
cpe:2.3:a:retty:retty:4.11.7
-
cpe:2.3:a:retty:retty:4.11.8
-
cpe:2.3:a:retty:retty:4.11.9