Eli Grey @sephr on twitter says:
One of these screenshots is a draft email to the real PayPal support. The other one is to a scammer.
Both screenshots are identical.
Unfixed vulnerability in all Google Inbox mobile apps: https://eligrey.com/blog/google-inbox-spoofing-vulnerability
PoC demo (open with Google Inbox app): https://dangerous.link/paypal-locked
From https://twitter.com/sephr/status/1064962729889288192
#vulnerability #bug #gmail #inbox
One of these screenshots is a draft email to the real PayPal support. The other one is to a scammer.
Both screenshots are identical.
Unfixed vulnerability in all Google Inbox mobile apps: https://eligrey.com/blog/google-inbox-spoofing-vulnerability
PoC demo (open with Google Inbox app): https://dangerous.link/paypal-locked
From https://twitter.com/sephr/status/1064962729889288192
#vulnerability #bug #gmail #inbox