Outlook.com had ‘classic’ XSS flaw in authentication engine

Last updated on September 8th, 2018

Synack senior security researcher Wesley Wineberg has received US$25,000 from Microsoft for quietly disclosing a bug that allows any Hotmail account to be hijacked.