PT-2016-3426 · Yandex · Yandex Browser

Published: 2016-10-26 · Updated: 2016-12-02 · CVE-2016-8504

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Yandex Browser versions prior to 16.6

Description

A CSRF vulnerability in the synchronization form of Yandex Browser could be exploited by a remote attacker to steal data saved in the browser profile. The flaw lies in the browser's synchronization mechanism, which allows cross-site request forgery (CSRF) attacks and so enables a remote attacker to perform unauthorized actions.

Recommendations

For versions prior to 16.6, update to version 16.6 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive browser data to minimize the risk of exploitation.

Fix

CSRF

Weakness Enumeration

Related Identifiers

BDU:2022-03575
CVE-2016-8504

Affected Products

Yandex Browser