2018-02-06 01:00:00
mitre
PUBLISHED
The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover authentication tokens via an action: "user" request to iframe.gr_-ifr, because the exposure of these tokens is not restricted to any specific web site.