CVE-2024-27440

Publication date

2024-03-13 05:40:22

Family

jpcert

State

PUBLISHED

Description

The Toyoko Inn official App for iOS versions prior to 1.13.0 and Toyoko Inn official App for Android versions prior 1.3.14 dont properly verify server certificates, which allows a man-in-the-middle attacker to spoof servers and obtain sensitive information via a crafted certificate.