Get a Pentest and security assessment of your IT network.

Cyber Security

Critical Flaw Reported in Popular Evernote Extension for Chrome Users

Vulnerability resides in the ways Evernote Web Clipper extension interacts with websites, iframes and inject scripts, breaking browser’s same-origin policy (SOP) and domain-isolation mechanisms. The vulnerability could allow an attacker-controlled website to execute arbitrary code on the browser in the context of other domains on behalf of users, leading to a Universal Cross-site Scripting (UXSS or Universal XSS) issue. Over 4,610,000 users have been using the extension for Chrome browser.

Source: https://thehackernews.com/2019/06/evernote-extension-hacking.html

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation