Mail.ru: CSRF уязвимость позволяет взять беспроцентный кредит пользователю cfire.mail.ru
CSRF vulnerability in Crossfire cfire.mail.ru allowed to force user to request game credit. On the time of reporting, game/business logic vulnerabilities in cfire.mail.ru are not covered by bug bounty program...