Threat actors could exploit a security flaw in the email system of ride-hailing service Uber to send emails to 57 million Uber drivers and users whose data were compromised in a 2016 data breach, BleepingComputer reports.
The vulnerability, discovered by security researcher Seif Elsallamy, could allow anyone to deliver seemingly legitimate emails from Uber's servers that bypass spam filters. Elsallamy has attributed the HTML injection flaw to an exposed endpoint on the servers of the ride-hailing service, which was similar to a vulnerability identified in Meta servers three years ago.
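The underlying defect in an HTML injection of this kind is a transactional-email template that interpolates caller-supplied text without escaping it. The following is an added illustration, not code from Uber or from the researcher's report: the template, field name and sample input are all hypothetical, and it contrasts the vulnerable rendering with an output-escaped version plus an input-side allowlist check.

```python
import html
import re

# Hypothetical template standing in for a transactional-email template; not Uber's.
TEMPLATE = "<p>Hi {name},</p><p>Thanks for riding with us.</p>"

# Conservative allowlist for a display-name field (assumed policy for this example):
# word characters, spaces, periods, apostrophes and hyphens, up to 64 characters.
NAME_RE = re.compile(r"^[\w .'\-]{1,64}$", re.UNICODE)


def render_unsafe(name: str) -> str:
    """Vulnerable: the caller-supplied value is pasted into the HTML verbatim,
    so any markup it contains becomes part of the message (HTML injection)."""
    return TEMPLATE.format(name=name)


def render_safe(name: str) -> str:
    """Hardened: the value is HTML-escaped at the point of output, so it is
    rendered as text even if it contains angle brackets or quotes."""
    return TEMPLATE.format(name=html.escape(name, quote=True))


def validate_name(name: str) -> bool:
    """Input-side check: reject anything outside the allowlist before it is
    ever stored or templated. Output escaping remains the primary control."""
    return NAME_RE.fullmatch(name) is not None


def demo() -> dict:
    # Constructed input containing markup, used only to show the difference.
    injected = '<a href="https://example.invalid/">click here</a>'
    return {
        "unsafe_contains_tag": "<a href=" in render_unsafe(injected),
        "safe_contains_tag": "<a href=" in render_safe(injected),
        "safe_escaped": "&lt;a href=&quot;" in render_safe(injected),
        "validator_rejects_markup": validate_name(injected),
        "validator_accepts_plain": validate_name("Ada O'Neil-Smith"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Escaping at output is what stops injected markup from rendering in the recipient's mail client; the allowlist is a second layer that keeps obviously malformed values out of stored profile data, and a defender reviewing an email endpoint would want both, plus a check that the endpoint itself is not reachable without authentication.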
A proof of concept sent by Elsallamy to BleepingComputer that urged the Uber user to change their credit card information was observed to land in the recipient's inbox and not the junk folder.
While Elsallamy has already reported the flaw through Uber's HackerOne bug bounty program, it was rejected by the ride-hailing company, which mistakenly assumed that social engineering was required to exploit the vulnerability.