New issue
Advanced search Search tips

Issue 813613 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Feb 2018
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security: Passwords leaks

Reported by qualidad...@gmail.com, Feb 19 2018 
VULNERABILITY DETAILS
This vulnerability directly affects the leak of passwords saved in the Chrome browser.

VERSION
Versão 64.0.3282.167 (Versão oficial) 64 bits
Operating System: Windows 10 Home 64bit - version 1709 - compilation 16229.248

REPRODUCTION CASE
The vulnerability occurs when anyone who accesses the logged-in chrome can discover the password saved in the browser.
Details: When you are in the login page, the password is hidden by asterisks (******), but if you right-click on the password and then click on inspect, it is possible to change the format password "to" text ", so that any password can be viewed without entering the password of the computer (as usually requested in the password management page of the chrome).
That's it, count on me to take any questions.
1of3.jpg
103 KB View Download
2of3.jpg
228 KB View Download
3of3.jpg
236 KB View Download

Comment 2 by qualidad...@gmail.com, Feb 20 2018 

I understand, I read the article and I agree that there are other sources in which we can obtain the password without being the one I described, but the one I cited is much easier and more accessible to most average users, thus increasing the incidence of violations. So it is a very serious fault for being so easy.
Project Member

Comment 3 by sheriffbot@chromium.org, May 29 2018

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment