Thanks for reaching out to us. After careful consideration of your report, we believe this does not represent security vulnerability as it requires explicit user interaction.
It is similar to someone sending phishing email. Alternatively, each of the LinkedIn member can request any post to be marked as spam via using “Report this post” feature.
That being said, if you could find a way to automatically trigger code execution on user’s browser, please write to us and we will investigate your report.
To demonstrate this exploit follow my previous report then check the LinkedIn post from internet explorer on PC (and there is many other browsers) . also check it from chrome browser app on mobile (latest version) (and there is many other browsers).
anyway here is a POC videos:
-POC on PC via internet explorer:https://youtu.be/
- POC on mobile via chrome (latest version), Dolphin (latest version):https://youtu.be/
We have confirmed that this issue has now been resolved. Please test it at your end and let us know if your results vary.
We appreciate your efforts to notify us about this issue and want to thank you for helping us to protect LinkedIn members.