Vulnerabilities > Planetfitness > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-23 CVE-2024-43201 Improper Certificate Validation vulnerability in Planetfitness Planet Fitness Workouts
The Planet Fitness Workouts iOS and Android mobile apps prior to version 9.8.12 (released on 2024-07-25) fail to properly validate TLS certificates, allowing an attacker with appropriate network access to obtain session tokens and sensitive information.
network
high complexity
planetfitness CWE-295
5.9