Security News > 2018 > February > Flaw in Grammarly’s extensions opened user accounts to compromise

Flaw in Grammarly’s extensions opened user accounts to compromise
2018-02-06 16:44

A vulnerability in the Grammarly Chrome and Firefox extensions allowed websites to read users’ authentication tokes and use to them to log in to the users’ Grammarly accounts and access all the (potentially sensitive) information held in them. About the vulnerability The vulnerability was discovered by Google project Zero researcher Tavis Ormandy, who reported it to Grammarly on Friday. “I’m calling this a high severity bug because it seems like a pretty severe violation of … More →


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/tOQ1Y5Kcl8I/