Source: firefox Severity: important Tags: security
Hi. There is no reason why a browser should access the clipboard of the client. It opens all kinds of attack vetors and likely privacy leaks. See e.g. recent exploits[0]. I wouldn't be all to surprised if Mozilla would also allow to read out the current clip board contents, which wold be a really grave issue, as it could contain passwords, keys, etc. There has been some recent media coverage[1] (this one in German) about [0]. Cheers, Chris. [0] https://github.com/dxa4481/Pastejacking [1] http://www.golem.de/news/pastejacking-im-browser-codeausfuehrung-per-copy-and-paste-1605-121062.html
