Closed iallison closed 8 years ago
It appears that CoRD uses an insecure update mechanism. In the CoRD /Applications/CoRD.app/Contents/Info.plist file the SUFeedURL is set to:
This setting makes your application vulnerable to a Man-in-the-middle attack application updates.
Please update the SUFeedURL string to use https instead of http to mitigate this issue.
CoRD is deprecated and we encourage the move to other clients:
https://github.com/dorianj/CoRD/blob/master/README.md
It appears that CoRD uses an insecure update mechanism. In the CoRD /Applications/CoRD.app/Contents/Info.plist file the SUFeedURL is set to:
This setting makes your application vulnerable to a Man-in-the-middle attack application updates.
Please update the SUFeedURL string to use https instead of http to mitigate this issue.