A simple-to-exploit bug that allows bad actors to send emails from Uber’s official system — skating past email security — went unaddressed despite multiple flagging by researchers.
Threatpost