PT-2016-3424 · Yandex · Yandex Browser

Published: 2016-10-26 · Updated: 2016-12-02 · CVE-2016-8503

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Yandex Browser versions 16.7 through 16.9

Description

The issue is related to the Yandex Protect Anti-phishing warning in Yandex Browser, which could be exploited by a remote attacker to brute-force passwords from important web resources using special JavaScript. The vulnerability is associated with errors in security settings, allowing a remote attacker to bypass existing security restrictions.

Recommendations

For Yandex Browser versions 16.7 through 16.9, consider disabling the Anti-phishing function as a temporary workaround until a patch is available. Restrict access to sensitive web resources to minimize the risk of exploitation. Avoid using the browser for critical operations that involve sensitive information until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2022-03573
CVE-2016-8503

Affected Products

Yandex Browser