This template is ONLY for reporting security bugs. If you are reporting a
Download Protection Bypass bug, please use the "Security - Download
Protection" template. For all other reports, please use a different
template.


Security: Whenever I turn on vpn zenmate and then go to a logged in account like gmail,linkedin that is without entering passwords just clicking gmail icon.That gmail password gets stolen and an sign-in attempt is made.

VULNERABILITY DETAILS
Please provide a brief explanation of the security issue.

VERSION
Chrome Version: Version 63.0.3239.132 (Official Build) (64-bit)
Operating System: windows 10 64 bit

REPRODUCTION CASE
Please include a demonstration of the security bug, such as an attached
HTML or binary file that reproduces the bug when loaded in Chrome. PLEASE
make the file as small as possible and remove any content not required to
demonstrate the bug.

FOR CRASHES, PLEASE INCLUDE THE FOLLOWING ADDITIONAL INFORMATION
Type of crash: password leakage
Crash State: google account attempted sign-in
Client ID (if relevant): [see link above]

As everyone individually uses gmail I expect more grants,as users don't want their passwords to be leaked and be robbed of their personal information.
And also I have sent an email on groundbreaking information about bigdata to the Google's CEO via kapilsane@gmail.com,if you please look into that email ,It'd be great full.I'd admire it.


On feb 7 account sign-in was done while using vpn zenmate.
 

Deleted: security.png 63.6 KB

	security.png 63.6 KB View Download