CVE-2012-5822
The CVE-2012-5822 issue lies in Zamboni’s contribution feature, which does not verify that the server hostname matches a domain name in the certificate’s CN or subjectAltName. This allows man-in-the-middle attackers to spoof SSL servers by presenting arbitrary valid certificates, related to the P...