The vulnerability in Evernote’s Web Clipper extension, named CVE-2019-12592, allowed hackers to bypass the same-origin policy this meant that hackers could read, change, and steal data accessed on the browsers, and enable Universal Cross-Site Scripting on Chrome. This mechanism helps isolate potentially malicious resources, reducing possible cyberattacks. Same-origin policy is a security mechanism that restricts interaction between resources from different origins. Web Clipper, an extension that allows users to save screenshots of webpages, emails, images, articles, etc., had a vulnerability that provided hackers with easy access to the websites accessed by its 4.5 million users before it was fixed on May 31, 2019. A critical vulnerability in Evernote’s Web Clipper Chrome extension recently allowed hackers to steal data present in active web sessions.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |