Subj : *Safari bug exposes Apple users' browser history and Google account
To   : All
From : August Abolins
Date : Tue Jan 18 2022 14:53:26

Hi All...

*Safari bug exposes Apple users' browser history and Google account details*

A bug in Safari?s IndexedDB implementation on Mac and iOS means a website can see the names of databases for any domain, not just its own. (Independent) 

For instance, Google services store an IndexedDB instance for each of your logged in accounts, with the name of the database corresponding to your Google User ID.

Using the exploit described in the blog post, a nefarious site could scrape your Google User ID and then use that ID to find out other personal information about you, as the ID is used to make API requests to Google services

Ciao!
 /|ug (https://t.me/aabolins)

--- Want fido for iOS/MacOS/Android/Win/Linux? Info=https://shrtco.de/tpJ9yV
 * Origin: Fido by Telegram BBS from Stas Mishchenkov (2:460/256)

.