This week at LWN: The Firefox password manager vulnerability

Posted by Scott_Ruecker on Dec 6, 2006 9:12 AM EDT
LWN.net; By Jake Edge 		Mail this story
Print this story

A commonly used convenience feature in Firefox is the password manager (PM) which can keep track of username/password pairs for sites that one visits and fills in when a new login is required. Unfortunately, as a recent bug report shows, PM can be too helpful and provide that information to other sites, invisibly to the user. As of this writing, the underlying browser problem has not been fixed, though MySpace (where the problem was originally discovered in the wild) has changed its filtering of user-supplied HTML to avoid the problem.

Full Story

  Nav
» Read more about: Story Type: News Story; Groups: Community, Mozilla

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.