Personal Privacy

Firefox Flaw Allowed Unauthorized Users to Access Passwords Using Copy and Paste

The Infinite Brief
Mozilla’s recent Firefox Update 68.0.2 release plugged a flaw that allowed to steal the content of the browser’s integrated password manager by a simply copying and pasting, even if the user had set a master password.

Despite its simplicity, Mozilla felt that this vulnerability was only a moderate threat since the hacker must already have access to the device before they can exploit it.

The exploit was performed by accessing “Options -> Privacy and Security,” opening the “Registered Credentials …” panel, right-clicking on one of the entries and choosing “Copy password.”

Curated from Hash-Tech

Leave a Response