Author: Cyberthreat Blog

Heartland Payment Systems Payment Gateway PHP SDK hps/heartland-php v2.8.17 is vulnerable to a reflected XSS in examples/consumer-authentication/cruise.php via the URI, as demonstrated by the cavv parameter.

Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer before 3.7.8.2.

WAON “Service Application” for Android 1.4.1 and earlier does not verify SSL certificates.

Sushiro App for iOS 2.1.16 and earlier and Sushiro App for Android 2.1.16.1 and earlier do not verify SSL certificates.

Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not validate SSL certificates.