Security: Chrome AutoFill fills data of other user.
Reported by raj.nish...@gmail.com, Jul 15 2017
Issue description

This template is ONLY for reporting security bugs. If you are reporting a Download Protection Bypass bug, please use the "Security - Download Protection" template. For all other reports, please use a different template.

Please READ THIS FAQ before filing a bug: https://www.chromium.org/Home/chromium-security/security-faq

Please see the following link for instructions on filing security bugs: http://www.chromium.org/Home/chromium-security/reporting-security-bugs

NOTE: Security bugs are normally made public once a fix has been widely deployed.

VULNERABILITY DETAILS
I was opening an Amazon Prime Music promotion link from the Gmail app, and after clicking on that link it opened the browser that is embedded in Gmail. It opened the Amazon login page and auto-filled the username and password for some random user (who has never used my browser).

VERSION
Chrome Version: 59.0.3071.125 Gmail embedded Chrome browser.
Operating System: [Android 6.0.1]

REPRODUCTION CASE
Please include a demonstration of the security bug, such as an attached HTML or binary file that reproduces the bug when loaded in Chrome. PLEASE make the file as small as possible and remove any content not required to demonstrate the bug.

FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION
Type of crash: [tab, browser, etc.]
Crash State: [see link above: stack trace, registers, exception record]
Client ID (if relevant): [see link above]
Jul 15 2017
Issues like this get reported every month or so. In every case we've ever seen, this problem happens when a user either loaned their device to someone else temporarily, or, more commonly, they themselves logged in from a shared device (either a kiosk computer, borrowed a friend's, etc.) with sync enabled for their Google account. If you provide info on the Google account you use for Chrome sync, the sync team may be able to look into logs to see where the problem arose.
Jul 15 2017
My Google account was raj.nishant360@gmail.com and the victim account was namita.gupta@gmail.com. I don't know her by any means; she lives in the US and I am from India.
Jul 15 2017
Thank you for providing more feedback. Adding requester "raymes@chromium.org" to the cc list and removing "Needs-Feedback" label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Jul 15 2017
pnoland/ewald: could you please help triage this cross-sync issue?
Jul 16 2017
I have never visited the airveda.com site before, but its login is saved in my password.google.com.
Jul 17 2017
+Gang, current on-call client bug fixer for Sync

raj.nishant360@: could you please provide a screenshot of chrome://sync-internals from your Android phone? Also, do we have your permission to look at our server-side logs for your Google Account to see where and when this saved credential got synced to your account?
Jul 20 2017
Friendly ping to the original poster. raj.nishant360@ - do we have your permission to look at your server-side logs? And can you please post a screenshot of chrome://sync-internals?
Jul 26 2017
Closing this out for now, since the original poster is no longer responding. raj.nishant360@ - we will re-open this issue if you provide the information requested in comment #12. Thank you!
Nov 2 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot