Issue metadata
Sign in to add a comment
|
Security: Saved PASSWORDS CAN BE VIEWED by others using the same computer - CRITICAL ISSUE
Reported by
sal...@artistic-models.com,
Jan 9 2018
|
||||||||||||||||||
Issue descriptionSteps to reproduce the problem: 1. Protect the password box from editing its HTML code 2. Protect the Gmail page where there is a password box from editing its HTML code during sign in 3. What is the expected behavior? When any account is saved in google chrome, including gmail accounts, when you sign out your password is still typed in as dots because you have saved your password. The issue here is, this saved password which is shown in dots can be viewed by someone else who is using the same computer. This is a CRITICAL SECURITY CONCERN in many organizations where multiple users have access to same computer. What went wrong? Your saved password can be seen to others using the same computer. It is very easy by editing the HTML code of the password box. This is a CRITICAL security threat to many users including organizations. Kindly refer to the attached screenshot showing the same. Did this work before? Yes Version 63.0.3239.84 (Official Build) (64-bit) Chrome version: 63.0.3239.84 Channel: n/a OS Version: 10.0 Flash Version: Kindly look into this issue as this is a very critical security threat from Google Chrome. Expecting a reward from google for the same. You can contact me at saleeq@artistic-models.com
,
Apr 17 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||
Comment 1 by dominickn@chromium.org
, Jan 9 2018