Mail.ru: [tanks.mail.ru] Content Spoofing

2016-01-26T13:46:48
ID H1:112871
Type hackerone
Reporter bigbear_
Modified 2018-04-26T15:23:55

Description

It was possible to insert attacker controlled text into UI message on tanks.mail.ru. tanks.mail.ru is not covered by bug bounty scope.