Password Manager Sweep Attack in GNOME Web (Epiphany)

Password Manager Sweep Attack in GNOME Web (Epiphany)

CVE-2017-1000025 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.

Learn more about our Web App Pen Testing.