“Major Flaw” Discovered in Evernote’s Chrome Extension

13-06-01 (1)

A major flaw has been discovered in the code of the Web Clipper Chrome extension of note-taking service Evernote. The flaw, a universal XSS marked CVE-2019-12592 which could have allowed threat actors to extract personal information from the browser environment, was unearthed by security company Guardio and disclosed to Evernote in late May. Within a week, Evernote addressed the issue and rolled-out a complete fix.

Click here to view original webpage at www.infosecurity-magazine.com


Your e-mail address will not be published.
Required fields are marked*