CWE-939
Improper Authorization in Handler for Custom URL Scheme
The product uses a handler for a custom URL scheme, but it does not properly restrict which actors can invoke the handler using the scheme.
Official CWE-939 definition at MITREImpactr finds and proves weaknesses like CWE-939 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist