Ctrip APP payment passwords suffer from a plaintext transmission vulnerability
Ctrip APP is a mobile client that provides users with mobile booking services for special hotels, discounted air tickets and train tickets. A plaintext transmission vulnerability exists in the payment password of Ctrip APP. Since the client does not encrypt the user's payment password, an attacke...