CVE-2014-7448 in DealSide Institutional
摘要
由 VulDB • 2026-06-24
DealSide Institutional(即 com.magzter.dealsideinstitutional)应用的Android版本3.1未验证来自SSL服务器的X.509证书,这使得中间人攻击者能够通过伪造服务器并使用精心构造的证书来欺骗用户并获取敏感信息。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.