Mozilla: Bypass “No Links” Restriction in Biography via Protocol-Relative URL (//)
Description

The report identifies a bypass vulnerability in the biography field on addons.allizom.org. Despite the application's policy against allowing links, it was possible to embed functional hyperlinks using protocol-relative URLs (//evil.com). This violation of the declared application policy was achieved by including an <a> tag with the protocol-relative…
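An added example, not taken from the report or from Mozilla's code: a Python check that flags any anchor href naming a scheme or a host, including the protocol-relative form, next to a hypothetical scheme-only filter that misses it. All function names and the sample biographies are constructed for illustration, and treating same-site paths as acceptable is an assumption.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


def naive_has_link(text: str) -> bool:
    """Hypothetical scheme-only filter (an assumption, not the site's code)."""
    lowered = text.lower()
    return "http://" in lowered or "https://" in lowered


def is_external_href(href: str) -> bool:
    """True if href names a scheme or a host, i.e. it is not a same-site path."""
    try:
        parts = urlsplit(href.strip())
    except ValueError:
        return True  # unparseable value: fail closed and treat it as a link
    # "//evil.com" has an empty scheme but a netloc; the browser borrows the
    # page's scheme, so the anchor still navigates to another host.
    return bool(parts.scheme or parts.netloc)


class _HrefCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.found = []

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        for name, value in attrs:
            if name == "href" and value and is_external_href(value):
                self.found.append(value)


def links_in_bio(bio_html: str) -> list:
    """Return every anchor href in the biography that leaves the site."""
    collector = _HrefCollector()
    collector.feed(bio_html)
    collector.close()
    return collector.found


# Constructed sample biographies.
SAMPLES = [
    '<a href="//evil.com">my site</a>',
    '<a href="https://evil.com">my site</a>',
    '<a href="/en-US/firefox/">add-ons</a>',
]

if __name__ == "__main__":
    for bio in SAMPLES:
        print(naive_has_link(bio), links_in_bio(bio), bio)
```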
