VYPR

League

by League

CVEs (1)

  • CVE-2020-12624MedMay 3, 2020
    risk 0.42cvss 6.5epss 0.01

    The League application before 2020-05-02 on Android sends a bearer token in an HTTP Authorization header to an arbitrary web site that hosts an external image because an OkHttp object is reused, which allows remote attackers to hijack sessions.