Posted by x ksi on Mar 14

Hey list. It’s possible to spoof an URL in mobile versions (Android)
of the UC browser [1][2] via <title> HTML tags. The newest version
from gplay (11.2.5.932) and the Meizu [3][4] branded default browser
(6.1.301) are affected. And the shocking poc would be: