LINE iOS In-App Browser Address Bar Spoofing Vulnerability

Vulnerability

A vulnerability allowing address bar spoofing has been identified in the in-app browser of the LINE client for iOS, affecting versions prior to 14.14. This vulnerability could enable attackers to execute malicious JavaScript within iframes while presenting trusted URLs, potentially leading to phishing attacks by overlaying harmful content.

Impact

Exploitation of this vulnerability could facilitate phishing attacks by allowing attackers to display trusted URLs while overlaying malicious content.

Added: Dec 15, 2025, 7:22 AM

Updated: Dec 15, 2025, 7:22 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

1.3

exploitability

4.4

remediation

0.0

relevance

1.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

1.3

exploitability

4.4

remediation

0.0

relevance

1.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

LINE iOS In-App Browser Address Bar Spoofing Vulnerability

Vulnerability

Impact

Affected Products

LINE

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating