News of the unsecured page first reached the ears of local tech site Pokde.NET, who in turn had received a link that contained 1852 entries. All belonging to HiSense customers who had uploaded their warranty registration and claims for the brand’s products. To make matters worse, the page is apparently still unsecured, as the last warranty registration was conducted just one week ago.
Pokde.NET surmises that the security issue stems from the Cform plugin flaw that leaves the page open to exploitation. Without the need for any special privileges and exposing all the data inside. At the time of writing, HiSense Malaysia still had not responded to Pokde.NET’s query. (Source: Pokde.NET // Image: The Verge)