WhatsApp Commits To More Transparency About App Flaws
Facebook-owned WhatsApp has fixed six previously undisclosed vulnerabilities in its chat platform. Some of the bugs were:
1) a URL-validation issue that caused the recipient of a sticker message containing deliberately malformed data to load an image from a sender-controlled URL without user interaction; and
2) an input-validation issue that could have allowed cross-site scripting if a user clicked on a link from a specially-crafted live location message. WhatsApp have patched these bugs as soon as they were discovered, and said that they will keep “with industry best practices” and conduct “necessary fixes”.