Cyber Security

Google patches for account acquisitions and MFA bypass chromium vulnerabilities

Photo of liralbes liralbes Send an email 14 hours ago
0 0 1 minute read
Google patches for account acquisitions and MFA bypass chromium vulnerabilities

He wrote: “Unlike other browsers, Chrome solves the link header on subresource requests. But what is the problem? The problem is that the link header can set the referral layer – we can specify an insecure url and capture the full query parameters.”

A website uses a link header to tell the browser about important page resources, such as images, which should be preloaded. This speeds up response time as part of an HTTP response that occurs before the browser encounters any HTML. When a browser usually looks for resources on a third-party server, it transmits a URL containing information about the requesting site as permitted by the referral assignment.

Unfortunately, in Chrome, this URL can also contain information with security, such as an OAuth stream for authentication.

Photo of liralbes liralbes Send an email 14 hours ago
0 0 1 minute read
Photo of liralbes

liralbes

Related Articles

DIE BESTEN IAM-TOOLS | CSO Online

DIE BESTEN IAM-TOOLS | CSO Online

5 hours ago
Purchase the proof point of the wasp in the script to expand the scope of email security

Purchase the proof point of the wasp in the script to expand the scope of email security

9 hours ago
North Korea on the ground in helping Russia target cyber operations

North Korea on the ground in helping Russia target cyber operations

12 hours ago
Breachforums Boss pays 0K for health care violations – Krebs

Breachforums Boss pays $700K for health care violations – Krebs

14 hours ago

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button