Filtered by vendor Theleague Subscriptions
Filtered by product The League Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-12624 1 Theleague 1 The League 2024-11-21 6.5 Medium
The League application before 2020-05-02 on Android sends a bearer token in an HTTP Authorization header to an arbitrary web site that hosts an external image because an OkHttp object is reused, which allows remote attackers to hijack sessions.