hackerone | Thevillagehack3r | H1:781282
History: Jan 23, 2020 - 6:01 a.m.

Mail.ru: XSS via HTTP request version in account.my.games

2020-01-23 06:01:19
thevillagehack3r
hackerone.com

The server reflects the HTTP protocol version of the request as the HTTP response version without filtering.

This behavior does not lead to security issues, because there are no known ways to manipulate the request version in any of the supported clients; the request used violates the HTTP protocol and cannot be produced with a browser. It was researched and fixed in account.my.games, but similar issues are to be rejected in the future because of the lack of security impact.
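
One way a server can avoid the reflection described above, as an added example that is not part of the original report or the account.my.games fix: the request line's version token is validated against the `HTTP/DIGIT.DIGIT` grammar, and the response status line is built only from constants. The function names and the set of supported versions are assumptions made for this sketch.

```python
import re

# HTTP-version grammar: "HTTP/" DIGIT "." DIGIT (nothing else is accepted)
_VERSION_RE = re.compile(r"HTTP/(\d)\.(\d)", re.ASCII)
# Versions this hypothetical server answers with; never built from input.
_SUPPORTED = {(1, 0): "HTTP/1.0", (1, 1): "HTTP/1.1"}


class BadRequestLine(ValueError):
    """Raised when the request line does not match the expected grammar."""


def parse_request_line(line: bytes):
    """Return (method, target, (major, minor)) or raise BadRequestLine."""
    try:
        text = line.decode("ascii")
    except UnicodeDecodeError:
        raise BadRequestLine("non-ASCII request line") from None
    if not text.endswith("\r\n"):
        raise BadRequestLine("missing CRLF")
    parts = text[:-2].split(" ")
    if len(parts) != 3 or not all(parts):
        raise BadRequestLine("expected: method SP target SP version")
    method, target, version = parts
    m = _VERSION_RE.fullmatch(version)
    if m is None:
        raise BadRequestLine("malformed HTTP-version")
    return method, target, (int(m.group(1)), int(m.group(2)))


def status_line(request_line: bytes) -> bytes:
    """Build the response status line from constants, not from the request."""
    try:
        _, _, ver = parse_request_line(request_line)
    except BadRequestLine:
        return b"HTTP/1.1 400 Bad Request\r\n"
    if ver not in _SUPPORTED:
        return b"HTTP/1.1 505 HTTP Version Not Supported\r\n"
    return f"{_SUPPORTED[ver]} 200 OK\r\n".encode("ascii")


if __name__ == "__main__":
    # Constructed sample request lines, not taken from the report.
    for sample in (b"GET / HTTP/1.1\r\n", b"GET / HTTP/1.1<i>x</i>\r\n"):
        print(sample, "->", status_line(sample))
```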