Security Flaws Discovered in OKCupid Dating Service

Researchers at Check Point recently found that the mobile app and website for dating service OKCupid contained multiple vulnerabilities that could allow a malicious user to perform actions ranging from stealing users’ personal data to performing in-app actions on behalf of those users. The vulnerabilities included off-app access to deep links within the app, cross-site scripting on the main OKCupid website, and malicious JavaScript injection in deep links.

Read full article on Dark Reading: Cloud