LinkedIn’s AutoFill plugin could leak user data, secret fix failed

Posted by @audreylaine, Apr 20, 2018

A flaw in LinkedIn’s AutoFill plugin that websites use to let you quickly complete forms could have allowed hackers to steal your full name, phone number, email address, ZIP code, company and job title. Malicious sites have been able to invisibly render the plugin on their entire page so if users who are logged into LinkedIn click anywhere, they’d effectively be hitting a hidden “AutoFill with LinkedIn” button and giving up their data.


Please login or register to post a reply.

© Mayo Clinic Social Media Network. All Rights Reserved.