A bug in Grammarly’s Chrome browser extension exposed its authorization tokens to websites. Sites could assume the identity of a user and view their account s documents. The bug is fixed and there is no action required by users to update the extension. There are more than 20 million users of the Chrome extension, and the company also offers a web-based editor. The security issue potentially affected text saved in the Grammerly Editor, or any text typed on websites while using the browser extension.
Source: https://threatpost.com/grammarly-patches-chrome-extension-bug-that-exposed-users-docs/129794/

