loader gif

Guardio Discovers Major Vulnerability in Evernote's Chrome Extension

Guardio Discovers Major Vulnerability in Evernote's Chrome Extension (Malware and Vulnerabilities)

TEL AVIV, Israel, June 12, 2019 /PRNewswire/ -- Guardio, a leading browser-centric and cloud security company, discovered a major flaw in Evernote's Web Clipper Chrome extension's code that left it vulnerable, potentially allowing threat actors to access personal information from users' online services. The logical coding error in the Web Clipper extension could have allowed an attacker to bypass the browser's same origin policy, granting the attacker code execution privileges in Iframes beyond Evernote's domain. As the browser's domain-isolation mechanisms were broken, code could be executed that could allow an attacker to perform actions on behalf of the user as well as grant access to sensitive user information on affected third-party web pages and services, including authentication, financials, private conversations in social media, personal emails, and more. Guardio's protection comes into play in these new potentially vulnerable threat areas. Guardio is a new breed of cyber security product designed to tackle threats and security concerns within the browser.

loader gif