Posted by iliketurtles on Nov 03
# CNIL CookieViz XSS + SQL injection leading to user pwnage
#
# Product link: https://github.com/LaboCNIL/CookieViz
# CVE references CVE-2014-8351, CVE-2014-8352
TL;DR
—–
Since October 2014, the French National Commission on Informatics and
Liberty “CNIL” is performing some controls upon “tracing cookies” (ads,
webaudience etc.) set by French websites:…