double account confirmation & incognito glitch
Reported by
nwarsaw...@gmail.com,
Apr 6 2016
|
|||||
Issue descriptionThis template is ONLY for reporting security bugs. If you are reporting a Download Protection Bypass bug, please use the "Security - Download Protection" template. For all other reports, please use a different template. Please see the following link for instructions on filing security bugs: http://www.chromium.org/Home/chromium-security/reporting-security-bugs VULNERABILITY DETAILS Please provide a brief explanation of the security issue. When I was going to report a incognito glitch I switched to my personal account from my school account I found this glitch, first I will have to explain the incognito glitch first. The incognito glitch I believe I found happens when you press switch accounts and go incognito on the switched account the original account couldn't go incognito. My original account is my school account if that helps. When I switched accounts I still had the switched account open and the little icon of my school account in the toolbar didn't change to my personal account (I am talking about the icon that pops up in front of the chrome sign on the toolbar when you have multiple accounts from the switch accounts feature). And when I checked the tab that the account pops up in right next to the collapse window button it showed my school account but the circle on the top right of the new tab if you open one showed my personal account and it says I am sending this to you on my personal account. My chrome version is. I have a windows computer with intel core i3 if that helps.My personal is nwarsaw711@gmail.com and my school account is s603106@ewrsd.k12.nj.us. This glitch could allow hackers to view your browser and access both accounts comprising them. thank you for your time- Neil VERSION Chrome Version: [49.0.2623.110] + [stable] Operating System: [Windows] REPRODUCTION CASE Please include a demonstration of the security bug, such as an attached HTML or binary file that reproduces the bug when loaded in Chrome. PLEASE make the file as small as possible and remove any content not required to demonstrate the bug. FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION Type of crash: [tab, browser, etc.] Crash State: [see link above: stack trace, registers, exception record] Client ID (if relevant): [see link above]
,
Apr 7 2016
Thanks for the report. Unfortunately I don't entirely understand the report, you might consider taking a screenshot and highlighting in it what you think is wrong. It sounds like you might have logged into your personal account from a profile that was associated with your school account? If that is the case, then this behavior might be normal.
,
Apr 8 2016
I had a "person one" separate chrome file so the little icon of you shows up on the toolbar in front of the chrome icon so, when I switch accounts in the chrome file on the toolbar of my school account the taskbar doesn't update and neither does the name of the account next to the minimize button but in a new tab it shows your other icon of the switched account and you can see both emails which is a big concern.
,
May 5 2016
@nwarsaw711: Could you please provide us the screen-recording for better understanding of this issue, which would help us in triaging it further. Thank you.
,
May 26 2016
nwarsaw711@Could you please respond to comment #4?
,
Jun 27 2016
Closing this issue as there was no feedback from the user since long, assuming the issue is resolved at user's end.Feel free to raise a new issue with the detailed steps to reproduce if its still an issue. |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by nwarsaw...@gmail.com
, Apr 6 2016