![]() The hackers exploiting the vulnerability could get users diverted to a website that’s controlled by them. The Universal XSS vulnerability was marked as CVE-2019-12592.” Financials, social media, personal emails, and more are all natural targets. A logical coding error made it is possible to break domain-isolation mechanisms and execute code on behalf of the user – granting access to sensitive user information not limited to Evernote’s domain. Security researchers at Guardio had discovered this vulnerability in the Evernote Web Clipper extension, which is immensely popular and which lets users capture full-page articles, images, emails, selected texts etc.Ī blog post by the Guardio research team says, “In May 2019 Guardio’s research team has discovered a critical vulnerability in Evernote Web Clipper for Chrome. Hackers could have exploited the vulnerability to steal personal data including emails and financial transactions of users. Reports say that the critical flaw in the popular note-taking extension Evernote could have led to the breach of personal data of over 4.6 million users. A critical flaw that affected Evernote’s web clipper extension for Chrome could have impacted millions of users.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |