Grammarly: DOM based CSS Injection on grammarly.com

Summary: An attacker can inject an external css file which can lead to phishing attacks and xss in older browsers. Description: Within the main.js file the following code exists: javascript t.prototype.componentWillMount = function var e = this.getCtx.nav.waypoint.query, t = e.extcss, n =...