Com Cross Site Scripting (XSS) consegue-se aceder às passwords no gestor de passwords do Firefox (técnicas semelhantes podem ser usadas para o Internet Explorer, Safari, Chrome, Opera e outros).

Por norma de segurança não use a opção de deixar que o browser memorize as passwords.

Veja o exemplo abaixo:

http://ha.ckers.org/weird/xss-password-manager.html

Tags: FireFox, Internet Explorer, passwords, XSS

This entry was posted on 05/04/2010 at 14:50. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Posted in segurança by Filipe Teixeira Nunes No Comments Yet