1 results (0.003 seconds)
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-43201
https://notcve.org/view.php?id=CVE-2024-43201
The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information. • https://apps.apple.com/us/app/planet-fitness-workouts/id399857015 https://dontvacuum.me/bugs/pf • CWE-295: Improper Certificate Validation •