CVE-2016-8504

Publication date

2016-10-26 18:00:00

Family

yandex

State

PUBLISHED

Description

CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile.