I have found an identical vulnerability in Twitter and they gave me a similar dismissive response. Should I submit another message with my method? On 17 May 2016 4:01 PM, "Sebastian" <[email protected]> wrote:
> Hey all, > > I don't think "pop up a full featured window on the client" is your > everyday phishing attack. This is easily exploited even for experienced > users, since this is definitely not what you'd expect to originate from > Skype (and for example Steam tends to annoy you with login popups > sometimes, i.e. when changing your IP). > > So yes, we don't need your average phishing attack, but this is surely a > vulnerability and the publication hopefully forces M$ to do something about > it. > > Am 2016-05-13 03:51, schrieb Reindl Harald: > >> oh no - please don't post each and every phishing attack on FD becasue >> then we would see nothing else when mailadmins start to do the same >> >> Am 11.05.2016 um 22:57 schrieb Danny Kopping: >> >>> [...] >>> >> >> >> >> _______________________________________________ >> Sent through the Full Disclosure mailing list >> https://nmap.org/mailman/listinfo/fulldisclosure >> Web Archives & RSS: http://seclists.org/fulldisclosure/ >> > > Greetings, > Sebastian Kaim > > -- > > A great many of today's security technologies are "secure" only because > no-one has ever bothered attacking them. > -- Peter Gutmann > > _______________________________________________ > Sent through the Full Disclosure mailing list > https://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ > _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
