I have a full exploit working without any prompts on Windows, could be made to work on other platforms. Sent details to LastPass.
-
-
-
Full exploit is two lines of javascript.
#sigh ¯\_(ツ)_/¯ - 5 more replies
New conversation -
-
-
They haven't fixed the previous vulnerability yet, I think due to slow Mozilla addon review process.
-
Do you happen to know if Firefox add-ons get updated automatically? Trying to assess how much sense crafting a 0patch will make.
- 1 more reply
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
The default version you get from a.m.o is 3.3.2.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I'll send you a Bugcrowd shirt if you do actually submit it :)
-
Thanks haha, but we try to follow what the vendor requests, e.g. https://lastpass.com/support_security.php …
End of conversation
New conversation -
-
-
Remote Code Execution.
End of conversation
New conversation
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.