In response to the Ctrip Security Payment log vulnerability today, ctrip responded on its official microblog that the company's relevant departments had launched technical troubleshooting in the first time and made up for the vulnerability within two hours after the news was published.
At the same time, Ctrip said that some transaction customers in March 21 and March 22 may be affected. At present, no information leakage or loss has been found due to related problems. The company will continue to carry out network security verification. If a user causes property losses due to this vulnerability, Ctrip will compensate for the loss.
Ctrip expressed gratitude for the vulnerability information discovered by wooyun platform and will reward those who provide the vulnerability information. Ctrip always attaches great importance to information security and will continue to report New Progress in this vulnerability.
However, the vulnerability has already been detected, indicating that the user's previous account is no longer secure, no matter whether it is repaired or not. Change the card.