Yahoo! JAPAN App for Android v2.3.1 to v3.161.1 and Yahoo! JAPAN App for iOS v3.2.2 to v4.109.0 contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the WebView of Yahoo! JAPAN App via other app installed on the users device.