2/19/2023

Mailchimp duplicate detector

If exploited, the issue could have revealed what website a user was on, or as Eden demonstrated, a user's email, something that could go on to be used in spam or phishing campaigns. The company could also have set the whole page not to leak referral data. According to Eden, who cites recommendations published by the World Wide Web Consortium (W3C), all the company needed to do was set each link explicitly not to provide a referrer.

It's unclear exactly how MailChimp fixed the issue. We’re sorry for the delay, and we’re reviewing how we handle reported issues. The post gained some traction on Twitter and elicited a response from the company, which, not even three hours later, said it had implemented a fix. Eden waited two weeks and, after he failed to hear back, published his blog post on Thursday.

“If you visit a link from a MailChimp newsletter, you risk having your email address and your reading habits broadcast to a site owner,” Eden wrote in a write-up of the flaw published to his personal blog Thursday. Eden responsibly disclosed the issue on December 4 and, while the company was quick to say it would fix the flaw, it asked the researcher to delay his disclosure at the beginning of January.

If someone scrolled to the bottom, where the unsubscribe section usually is, they’d be able to see that user’s full email. In MailChimp's case, the link was going to the web version of a user's copy of the email they were on. The flaw stems from the fact that when a user clicks through links in an email, the browser usually sends a referer header, an HTTP header field that contains the address of the webpage that linked to the resource being requested. Terence Eden, a researcher who runs Open Standards for the UK Government Digital Service, found the issue, "an annoying privacy violation,” last December.
The company, one of the more popular email marketing services, fixed the issue at some point over the last month or so. Marketing automation platform MailChimp recently fixed a privacy issue that could have leaked users' email addresses. The service, which allows companies to send email newsletters, invitations and more, fixed an issue that could have leaked a user's email address.
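The two mitigations attributed to Eden above (a per-link no-referrer setting, or a page-wide one) can be checked mechanically. The following is an added example, not code from the article or from MailChimp: a small auditor that lists the external links on a page that would still receive the page's URL in the Referer header. The page URL, hostnames, token and HTML are constructed, and it assumes the browser behaviour the article describes, where the full page URL is sent unless suppressed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class ReferrerAudit(HTMLParser):
    """Collect external links and any page-wide referrer setting."""

    def __init__(self, page_url):
        super().__init__()
        self.page_host = urlsplit(page_url).hostname
        self.page_policy = None   # content of <meta name="referrer">, if present
        self.candidates = []      # (href, link_is_protected)

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("name", "").lower() == "referrer":
            self.page_policy = a.get("content", "").strip().lower()
        elif tag == "a" and "href" in a:
            host = urlsplit(a["href"]).hostname
            if host is None or host == self.page_host:
                return  # relative, mailto: or same-host link: not a third party
            rel = a.get("rel", "").lower().split()
            protected = ("noreferrer" in rel
                         or a.get("referrerpolicy", "").lower() == "no-referrer")
            self.candidates.append((a["href"], protected))

def leaking_links(page_url, html):
    """Return external hrefs that would be sent page_url as the Referer."""
    audit = ReferrerAudit(page_url)
    audit.feed(html)
    if audit.page_policy == "no-referrer":   # page-wide mitigation
        return []
    return [href for href, protected in audit.candidates if not protected]

# Constructed sample: web version of one subscriber's copy of a newsletter.
PAGE_URL = "https://archive.newsletter.example/view?u=SUBSCRIBER-TOKEN"
SAMPLE = """<html><head><title>Weekly news</title></head><body>
<a href="https://shop.example/sale">Sale</a>
<a href="https://blog.example/post" rel="noopener noreferrer">Post</a>
<a href="/unsubscribe">Unsubscribe reader@example.com</a>
</body></html>"""
HARDENED = SAMPLE.replace(
    "<head>", '<head><meta name="referrer" content="no-referrer">')

if __name__ == "__main__":
    print("unprotected:", leaking_links(PAGE_URL, SAMPLE))
    print("page-wide policy:", leaking_links(PAGE_URL, HARDENED))
```

Only the first link is reported for the sample page; the second carries `rel="noreferrer"`, and the hardened copy reports nothing because the page-wide setting covers every link.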