Chrome extensions with 10M+ devices are actively vulnerable to UXSS and UXSG(rebora.io)
9 pointsby galwm3 hours ago2 comments
  • tsuberim2 hours ago
    Alarming. Same origin policy not strong enough. I suppose a lot of extensions may be similarly vulnerable.
  • galwm2 hours ago
    [dead]