|
|
|
|
|
|
by carlbordum
1786 days ago
|
|
|
In my opinion, XSS is not a security issue autofill should deal with at all. The real issue is if attackers can trick the autofill to fill in a password for a different site. I did a pentest for a password manager a few years ago, and if I remember correctly this type of exploit had been successful against multiple of the big password managers. |
|
|