Mobile

#bugbounty Pro Tip - Android applications can suffer from LFI and stored XSS just by injecting <iframe/src=/etc/hosts> into input fields. Payout: $4,500! 😎👍 pic.twitter.com/JvP4jN8Zha— xer0dayz (@xer0dayz) June 24, 2018