Follow

If an extension lets anyone inject CSS into Google websites, how bad could this get? This isn’t XSS but still pretty bad. From displaying scams on trusted websites to exfiltrating data: lots of possibilities.

Very nice reporting experience for a change.

palant.info/2021/06/28/having-

· · Web · 0 · 0 · 0
Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.