Autofill vulnerability

General discussion and chat (archived)

Moderator: satrow

Locked
User avatar
John connor
Board Warrior
Board Warrior
Posts: 1096
Joined: 2015-01-21, 05:06
Location: From RLG fly heading 053 intercept 315 DVV look for the SAM

Autofill vulnerability

Post by John connor » 2017-01-08, 08:52

Browser autofill profiles are a reliable phishing vector that allow attackers to collect information from users via hidden fields, which the browser automatically fills with preset personal information and which the user unknowingly sends to the attacker when he submits a form.

Autofill profiles are a recent addition to modern-day browsers. This feature works by allowing the user to create a profile that holds different details about himself that he usually enters inside web forms.

When the user has to fill in a form in the future, he can simply select an autofill profile and his browser will enter the preset information in all form fields, sparing the user the time he would have needed to type in 10, 20 or more fields.
https://www.bleepingcomputer.com/news/s ... g-attacks/


I just knew that one day this crap would be vulnerable.
Imagine if God created a creature that was bipedal, soft and cuddly, stood about 9 inches tall and sang. Then called him Gizmo.

User avatar
ron_1
Moon Magic practitioner
Moon Magic practitioner
Posts: 2124
Joined: 2012-06-28, 01:20

Re: Autofill vulnerability

Post by ron_1 » 2017-01-08, 14:21


Locked