"Gunosy" App provided by Gunosy Inc. contains the following vulnerability. Insertion of sensitive information into sent data (CWE-201) CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 5.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Base Score 4.3 CVE-2025-44017 ## Impact If a user accesses a crafted URL, an attacker may obtain the JWT (JSON Web Token). ## Solution Update the application Update the application to the latest version according to the information provided by the developer. ## Products Affected "Gunosy" App for Android versions prior to 7.34.0 "Gunosy" App for iOS versions prior to…Read More
JVN#47404248: “Gunosy” App vulnerable to insertion of sensitive information into sent data (CWE-201)
