CVE-2014-5578

Name of the Vulnerable Software and Affected Versions Trading 212 FOREX (aka com.avuscapital.trading212) version 2.0.8 and earlier

Description The issue allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, as the application does not verify X.509 certificates from SSL servers.

Recommendations For versions prior to 2.0.9, update to version 2.0.9 or later to resolve the issue.