MissVVsMystery DVE Reports

MissVVsMystery

Website: https://www.missvvsmystery.com/
Vulnerability disclosure address: NONE
Status: Supporter, working on partnership

DVE-2017-11

  • Date Posted:4/2/2017
  • Type of Vulnerability: SSL/TLS implementation on api.missvvsmystery.com is insufficient
  • Products affected: Miss-On-The-Go app for Android and iOS v1.0 and earlier
  • Found and reported by: RenderMan
  • Date Reported: 1/23/2017
  • Description: The SSL/TLS implementation on api.missvvsmystery.com which is the back end for both android and iOS apps receives an 'F' rating on ssllabs.com and suffers from several known vulnerabilities
  • Remediation: The SSL/TLS implementation on api.missvvsmystery.com was upgraded and improved and now receives an 'A' rating on ssllabs.com