Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: LastPass XSS vulnerability found

01 Mar 2011   #1
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 
LastPass XSS vulnerability found

LastPass XSS vulnerability found, website and browser add-ons affected (updated)

Quote:
Mike Cardwell, the Stallmanite who recently discovered a fantastically covert way of working out which Web services you're currently logged in to, has found a nasty XSS vulnerability in the LastPass password manager. The cross-site scripting (XSS) vulnerability not only allows nefarious types to see which sites you've recently logged in to, but it also provides access your email address and password reminder.
Quote:
Update: LastPass has now implemented HSTS and a few other features to make their website and browser add-ons a lot harder to attack in the future.
Source

Cross Site Scripting vulnerability reported, fixed

Quote:
While no client data was impacted, we were notified at ~3pm Eastern time yesterday of a non-persistent cross site scripting vulnerability on the LastPass.com website. By 5:30pm it was fixed, tested and deployed; closing the hole. It's important to note that this was not a flaw with the extensions, and could only be potentially exploited if you visited a malicious site that was setup to exploit this flaw while you were logged into LastPass.
Source

A Guy


My System SpecsSystem Spec
Reply

 LastPass XSS vulnerability found




Thread Tools





Similar help and support threads
Thread Forum
LastPass
Hello.I'm thinking of installing lastpass password manager on to my windows 7 home premium. At the moment I'm using chrome to save my passwords,Now if I decide to install Lastpass and export the passwords from chrome to Lastpass will I have to delete the password that chrome has saved and if yes...
System Security
LastPass
Hi,Just installed the LastPass password security software. Found it okay made a master password and it then found all my passwords of forums etc and also added it to chrome. The only thing is bothering me I'm the only user of this pc,But what happens if it has to go to a pc engineer would he be...
System Security
Zero-day vulnerability found in Adobe X
Source A Guy
Security News
Zero day vulnerability found in Windows MHTML renderer
Zero day vulnerability found in Windows MHTML renderer | Naked Security
Security News
Decade-old vulnerability found in Windows
more..
News
Critical vulnerability found in Adobe Flash Player
more..
News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 07:31.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App