Da steht aber auch noch folgendes:
Labels: -Restrict-View-Commit
Status: Fixed
Labels: -Restrict-View-Commit
Status: Fixed
This issue was fixed on the 28th, there was some delay unrestricting this bug due to the holidays.
There was some discussion about with Kaspersky on how to exploit this vulnerability as I wasn't aware they were checking the commonName sent with SNI. However, we were able to come up with alternative attacks that still worked and Kaspersky resolved it quickly.