Code Vulnerabilities Leak Emails in Proton Mail
(www.sonarsource.com)
from tedu@azorius.net to cloudsec@azorius.net on 06 Sep 2023 08:19
https://azorius.net/g/cloudsec/p/JNjMrqwzmqP23WRtlS-Code-Vulnerabilities-Leak-Emails-in-Proton-Mail
from tedu@azorius.net to cloudsec@azorius.net on 06 Sep 2023 08:19
https://azorius.net/g/cloudsec/p/JNjMrqwzmqP23WRtlS-Code-Vulnerabilities-Leak-Emails-in-Proton-Mail
In this blog post, we first present the technical details of the vulnerabilities we found in Proton Mail. We show how an innocent-looking piece of code led to a Cross-Site Scripting issue that made it possible for attackers to steal unencrypted emails and impersonate victims.
#cloudsec
threaded - newest