CVE-2016-8504

CVE-2016-8504

EPSS 0.6%

CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile.

Affected products

Yandex N.V. · Yandex Browser for desktop

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://browser.yandex.com/security/changelogs/http://www.securityfocus.com/bid/93924