Dropbox: Lack of account link warning enables dropbox hijacking
When I install dropbox on linux via the CLI, I get given a URL containing a token: https://www.dropbox.com/clilinknonce?nonce=blah I can give this token to another user and pretend it's a link to a dropbox file. If they aren't logged in when they click it, they will land on the login page. If the...