Kindred Group: Full Account Takeover on *.unibet.com due to crossdomain.xml and AkamaiPlayer loaderContext
==Below is the original, partially-redacted report== --------- Hi, The core issue here are two things: 1. The too wide crossdomain.xml located at: https://payment.unibet.com/crossdomain.xml https://se.unibet.com/crossdomain.xml https://www.unibet.com/crossdomain.xml 2. Issues with not-in-scope...