Content Spoofing or Text Injection support.mycrypto.com

w2w reported a text injection attack where the user could be shown arbitrary text injected via query parameters. The MyCrypto team worked with w2w to resolve these issues, and appreciate the responsible disclosure. We look forward to continuing to work with the security community to triage and resolve issues like these should they arise.