HackerOne vulnerability report:
An attacker can bypass the HEY.com HTML sanitizer and inject arbitrary unsafe HTML in emails.
A HEY user viewing an email sent by the attacker may have their account compromised.
HackerOne vulnerability report:
An attacker can bypass the HEY.com HTML sanitizer and inject arbitrary unsafe HTML in emails.
A HEY user viewing an email sent by the attacker may have their account compromised.