Security vendor Guardio announced Wednesday it had discovered a vulnerability in Evernote’s Web Clipper extension for Chrome that could have allowed attackers to bypass the browser’s “same origin policy,” a security protocol meant to limit malicious scripts from spreading.Įxploiting the flaw would have allowed attackers to gain privileges outside Evernote’s domain in Chrome - including access to a user’s other web content and services, researchers said.Įvernote resolved the flaw within days, Guardio said, and there is no evidence the bug was exploited.Įvernote did not respond to a request for comment from CyberScoop. Evernote last month fixed a security flaw in a Google Chrome extension that could have allowed hackers to access information about roughly 4.6 million users, according to new research.
0 kommentar(er)
