Reply to 1474737063933067267
@rockgecko_dev At this point it's public to attackers, too. I get that CVE is intended to behind the scenes reach out via trusted channels without making the vulnerability public and leave big players vulnerable. According the article it shows that Alibaba also did not follow that process.