10-17-2018, 12:30 PM
![[Image: News.jpg.jpg?width=400&height=225]](https://media.discordapp.net/attachments/265228970268688385/502092646307594275/News.jpg.jpg?width=400&height=225)
Security Researchers at VPNMentor discovered a DOM-XSS bug in Branch.io, this bug affected over 685 million users, these users visit sites like Tinder, Shopify, and Yelp. They also suspected that the flaw could take advantage of vulnerabilities in Tinder profiles, as there was one found to have multiple client side vulnerabilities.
Although the endpoint was owned by Branch.io, and not Tinder, they were still able to put out a timely patch and shore up the hole.
That was the news, take it easy, peace.
-----Sh7nk-Z0id