Serious XSS Vulnerability Found in DuckDuckGo Browser Extension!
By the vulnerability found on a search engine focused on privacy DuckDuckGo's Privacy Essentials Addition, attackers targets users with random harmful codes.
A security researcher reported some of the critical problems that affect DuckDuckGo's search addon.
One of those vulnerabilities is "XSS", with that vulnerability the attackers can run commands between websites.
The second one was found by using the extension that uses insecure channels for internal communication that leaks some data between domains.
The person who detected those vulnerabilities says, he reported those to DuckDuckGo and the company started to work on those vulnerabilities.
Firstly, the company published new versions for Google Chrome, Mozilla Firefox, and Edge extensions.
According to the company, when you download the new version (DuckDuckGo Privacy Essentials v2021.3.8 ) of the extension, all of those problems will be fixed. Also, there aren't any problems with the data of users.
By the vulnerability found on a search engine focused on privacy DuckDuckGo's Privacy Essentials Addition, attackers targets users with random harmful codes.
A security researcher reported some of the critical problems that affect DuckDuckGo's search addon.
One of those vulnerabilities is "XSS", with that vulnerability the attackers can run commands between websites.
The second one was found by using the extension that uses insecure channels for internal communication that leaks some data between domains.
The person who detected those vulnerabilities says, he reported those to DuckDuckGo and the company started to work on those vulnerabilities.
Firstly, the company published new versions for Google Chrome, Mozilla Firefox, and Edge extensions.
According to the company, when you download the new version (DuckDuckGo Privacy Essentials v2021.3.8 ) of the extension, all of those problems will be fixed. Also, there aren't any problems with the data of users.
Turkish version: https://www.turkhackteam.org/sosyal-medya-ve-sosyal-platformlar/1975550-duckduckgo-tarayici-uzantisinda-xss-guvenlik-acigi.html
Special thanks to BörüHan
Special thanks to BörüHan
Son düzenleme: