I noticed how browsers autofill your email adress into forms' Email fields even if you have to start typing the email. Isn't that a vulnerability?
A website can get my email address just because I opened an url (The site have just to read fields' content via Javascript and send it somewhere using AJAX).
Tested on Chrome and Firefox with HTML5 forms and Javascript enabled.
Here is a fresh test site I just uploaded on Altervista, as you see even if I never logged in that site but I can see my email already entered:
Aucun commentaire:
Enregistrer un commentaire