3 matches found
Evernote Web Clipper Cross-Site Scripting (CVE-2019-12592)
A cross-site scripting vulnerability exists in Evernote Web Clipper Extension. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2019-12592
CVE-2019-12592 affects the Evernote Web Clipper Chrome extension (pre-7.11.1). The vulnerability arises from a mis-handled URL construction in the extension’s iframe/injection framework, allowing a remote site to inject scripts via postMessage and inject a payload into all frames, effectively cau...
Critical Flaw Reported in Popular Evernote Extension for Chrome Users
Cybersecurity researchers discover a critical flaw in the popular Evernote Chrome extension that could have allowed hackers to hijack your browser and steal sensitive information from any website you accessed. Evernote is a popular service that helps people taking notes and organize their to-do...