Autofill vulnerability

General discussion and chat (archived)

Moderator: satrow

User avatar
John connor
Banned user
Banned user
Posts: 553
Joined: 2015-01-21, 05:06

Autofill vulnerability

Unread post by John connor » 2017-01-08, 08:52

Browser autofill profiles are a reliable phishing vector that allow attackers to collect information from users via hidden fields, which the browser automatically fills with preset personal information and which the user unknowingly sends to the attacker when he submits a form.

Autofill profiles are a recent addition to modern-day browsers. This feature works by allowing the user to create a profile that holds different details about himself that he usually enters inside web forms.

When the user has to fill in a form in the future, he can simply select an autofill profile and his browser will enter the preset information in all form fields, sparing the user the time he would have needed to type in 10, 20 or more fields.
https://www.bleepingcomputer.com/news/s ... g-attacks/


I just knew that one day this crap would be vulnerable.

ron_1
Moon Magic practitioner
Moon Magic practitioner
Posts: 2014
Joined: 2012-06-28, 01:20

Re: Autofill vulnerability

Unread post by ron_1 » 2017-01-08, 14:21


Locked