Uber ignores vulnerability that lets anyone send email from Uber.com

81
Uber ignores vulnerability that lets anyone send email from Uber.com

Recently vulnerability in Uber’s email system has been noticed that allows just about anyone to send emails on behalf of Uber.

The researcher who discovered the flaw warns this vulnerability can be abused by threat actors to email 57 million Uber users and drivers whose information was leaked in the 2016 data breach.

Seif Elsallamy, security researcher and bug bounty hunter discovered a flaw in Uber’s systems that enable anyone to send emails on behalf of Uber. Sent from Uber’s servers, these emails would appear legitimate to an email provider and make it past any spam filters.

Read More: Bleepingcomputer

For more such updates follow us on Google News ITsecuritywire News