Galileusz

CSS Exfil Protection

1 post in this topic

CSS Exfil Protection is a browser extension for Mozilla Firefox and Google Chrome that protects data against CSS Exfil attacks.

What is this CSS vulnerability again?

The CSS Exfil vulnerability detailed in this lengthy post is a method attackers can use to steal data from web pages using Cascading Style Sheets (CSS). CSS - one of the building blocks of the modern web - is used by developers to control the look-and-feel of a website and is present on nearly every modern page on the internet. By crafting targeted CSS selectors and injecting them into a web page, an attacker can trick the page into sending pieces of data to a remote server (e.g. usernames, passwords, and sensitive data such as date of birth, social security numbers, and credit card numbers).

The vulnerability test can be checked on this page: https://www.mike-gualtieri.com/css-exfil-vulnerability-tester

Would it be possible to adapt this plugin for Maxthon?

1 person likes this

Share this post


Link to post
Share on other sites