Onepeloton: >> Peloton Security Vulnerabilities
Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile application up to and including version 1.7.22 allows a remote attacker to access developer files stored in an AWS S3 bucket, by reading credentials stored in plain text within the mobile application.
CVSS Score
8.6
EPSS Score
0.002
Published
2021-10-25