""The flaw allowed any website to silently inject prompts into that assistant as if the user wrote them. No clicks, no permission prompts. Just visit a page, and an attacker completely controls your browser.""
""The attacker's page embeds the vulnerable Arkose component in a hidden <iframe>, sends the XSS payload via postMessage, and the injected script fires the prompt to the extension. The victim sees nothing.""
""Successful exploitation of this vulnerability could allow the adversary to steal sensitive data, access conversation history with the AI agent, and even perform actions on behalf of the victim.""
A vulnerability in Anthropic's Claude Google Chrome Extension could be exploited by attackers to inject malicious prompts simply by visiting a web page. This flaw stemmed from an overly permissive origin allowlist and a DOM-based cross-site scripting (XSS) vulnerability in an Arkose Labs CAPTCHA component. Attackers could execute arbitrary JavaScript to send prompts to the Claude extension, appearing as legitimate user requests. Successful exploitation could lead to data theft, unauthorized actions, and compromised user privacy. Anthropic has since patched the extension to enforce stricter origin checks.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]