|
|
|
|
|
|
by jleader
3396 days ago
|
|
|
They leak uninitialized memory contents into the HTML being served; that memory could (and did) contain data from any other traffic that passed through their hands. So a request sent to Cloudflare customer A's site could return data from Cloudflare customer B, including data that B thought was only being served via https to authenticated users of B. |
|
|