|
|
|
|
|
|
by wbobeirne
1795 days ago
|
|
|
Agreed, definitely not newsworthy. This is like pointing out that if you got access to arbitrary code execution on the HTTP server that accepts the login POST request, you could also steal login credentials. Or if you were running a malicious browser extension. Or the browser itself is compromised. If an attacker is able to run any code they want anywhere along the way it's effectively game over, autofill or not. |
|
|