CVE-2016-8504

CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile.

Date published : 2016-10-26

http://www.securityfocus.com/bid/93924

https://browser.yandex.com/security/changelogs/