|
|
|
|
|
|
by AgentME
3532 days ago
|
|
|
Chrome content scripts can have permissions to make AJAX requests to any origin. Sure, it's not a straight-ticket to getting code native execution and installing malware on your machine, but it means an exploit against an extension with wide enough permissions could harvest your email and bank info. |
|
|