Duolingo: >> Tinycards Security Vulnerabilities
The DuoLingo TinyCards application before 1.0 for Android has one use of unencrypted HTTP, which allows remote attackers to spoof content, and consequently achieve remote code execution, via a man-in-the-middle attack.
CVSS Score
8.1
EPSS Score
0.025
Published
2018-01-05