LY Corporation: DOM-based XSS on mobile.line.me

The reporter found a DOM-based XSS affecting mobile.line.me, which could have resulted in an attacker gaining access to information about a user's mobile plans, usage and user details registered as part of their mobile subscription plan...