Chrome extensions with 10M+ devices are actively vulnerable to UXSS and UXSG (rebora.io) 9 points by galwm 1mo ago ↗ HN
[–] tsuberim 1mo ago ↗ Alarming. Same origin policy not strong enough. I suppose a lot of extensions may be similarly vulnerable.
2 comments
[ 2.8 ms ] story [ 12.9 ms ] thread