Grammarly Chrome Extension Bug Fixed Fast – Could Exposed User Data To Any Website

Posted by at 12:21 pm on February 6, 2018

Google Project Zero security team has uncovered a bug in the popular Grammarly Chrome extension that exposed authentication tokens to all websites the users may have visited.

The project zero team called this vulnerability a “high severity bug” because it would allow any website access to all your documents, history, logs, and all other data used by the the Grammarly Chrome extension. Ormandy noted the bug is quite severe because users wouldn’t expect that visiting a website would give it permission to access data you’ve typed into another website.

The Grammarly bug was subject to a 90-day disclosure policy, but Grammarly was able to fix the bug much sooner than that, once disclosed  to the company. Perto Grammarly,  once the bug was disclosed on Friday, and through collaboration with the Google team of security researchers, the company was able to fix it within a few hours.

Leave a Reply

Sign Up For Our Newsletter

Sign up to receive breaking news
as well as receive other site updates

Enter your Email

Preview | Powered by FeedBlitz

Log in

Copyright © 2008 - 2019 · StreetCorner Media , LLC· All Rights Reserved ·