CVE-2016-8504

Summary

CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile.

Affected Software

VendorProductVersion RangeStatus
Yandex N.V.Yandex Browser for desktopbefore 16.6 for OSx and Windowsaffected

Weaknesses

  • Profile synchronization form CSRF

ADP Enrichment

CVE Program Container

Additional References

References