Sup all,
If somehow you've subscribed to my RSS feed and get bombarded by several "code injection" posts, I want to sincerely apologize to you. :(
But good news, I've found and confirmed a security vulnerability that allows JavaScript execution on a Android Mobile App. I've sent an email to the developer and ethical disclosure is in progress.
To make all for all the mucks, I promise to upload some screenshots after the issue's been fixed. =D
Till then folks~
UPDATED: The vulnerability was confirmed and reported. For more details, see http://breaktoprotect.blogspot.sg/2014/04/feedly-android-application-zero-day.html
J.S.
If somehow you've subscribed to my RSS feed and get bombarded by several "code injection" posts, I want to sincerely apologize to you. :(
But good news, I've found and confirmed a security vulnerability that allows JavaScript execution on a Android Mobile App. I've sent an email to the developer and ethical disclosure is in progress.
To make all for all the mucks, I promise to upload some screenshots after the issue's been fixed. =D
Till then folks~
UPDATED: The vulnerability was confirmed and reported. For more details, see http://breaktoprotect.blogspot.sg/2014/04/feedly-android-application-zero-day.html
J.S.
No comments:
Post a Comment