腾讯玄武实验室安全动态推送(Tencent Xuanwu Lab Security Daily News) - 2019/01/27

腾讯玄武实验室安全动态推送

Tencent Xuanwu Lab Security Daily News

[ Vulnerability ] 链接多个 URL 跳转漏洞实现泄漏 Uber 用户的 FB Oauth Token： https://hackerone.com/reports/202781
[ Vulnerability ] Adobe Reader - 通过 XFA 中的 XSLT 样式表进行 PDF 回调： https://insert-script.blogspot.com/2019/01/adobe-reader-pdf-callback-via-xslt.html