Yuta Teshima

**Name of the Vulnerable Software and Affected Versions** Jetstar App for iOS versions prior to 3.0.0 **Description** The issue allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, as the Jetstar App for iOS does not verify X.509 certificates from SSL servers. **Recommendations** For versions prior to 3.0.0, update to version 3.0.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Sushiro App for iOS versions 2.1.16 and earlier Sushiro App for Android versions 2.1.16.1 and earlier **Description** The issue is related to the failure of the Sushiro App to verify SSL certificates. This could potentially allow for man-in-the-middle attacks. **Recommendations** For Sushiro App for iOS versions 2.1.16 and earlier, update to a version that properly verifies SSL certificates. For Sushiro App for Android versions 2.1.16.1 and earlier, update to a version that properly verifies SSL certificates.

**Name of the Vulnerable Software and Affected Versions** I-O DATA DEVICE WN-G300R versions 1.12 and earlier I-O DATA DEVICE WN-G300R2 versions 1.12 and earlier I-O DATA DEVICE WN-G300R3 versions 1.01 and earlier **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For I-O DATA DEVICE WN-G300R versions 1.12 and earlier, update to a version later than 1.12. For I-O DATA DEVICE WN-G300R2 versions 1.12 and earlier, update to a version later than 1.12. For I-O DATA DEVICE WN-G300R3 versions 1.01 and earlier, update to a version later than 1.01.