UserAgent: Mozilla/5.0 (X11; CrOS x86_64 7834.66.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.111 Safari/537.36
Platform: 7834.66.0 (Official Build) stable-channel falco

Steps to reproduce the problem:
1. log in on Chromebook
2. copy "foobar" into the clipboard (type it into a textbox, CTRL+A, CTRL+X)
3. lock the screen (click in the bottom-right corner, click the lock symbol)
4. press CTRL+V

What is the expected behavior?
No interaction with the clipboard should be possible when the screen is locked.

What went wrong?
The clipboard contents are pasted into the password field, revealing the length of the clipboard contents.

If a user has his password in the clipboard while the screen is locked (yes, that's very unlikely), this would allow the screen to be unlocked. If at some point a text field is added anywhere on the lockscreen, this would probably also allow an attacker to see the clipboard contents of a locked machine.

Did this work before? N/A 

Chrome version: 49.0.2623.111  Channel: stable
OS Version: 7834.66.0
Flash Version: Shockwave Flash 21.0 r0

I think that the current impact of this is low severity or below.