CVE-2014-7390
CVE-2014-7390 concerns the Android app “The Enchanted Fashion Crush” (package com.tabtale.springcrushbundleint) version 1.0.0, where SSL TLS server certificate verification is not performed. This enables a man-in-the-middle attacker to spoof the server and obtain sensitive data via a crafted cert...