Thursday, August 25, 2005

Internet Explorer Follow-up

The FriendlyCanadian site has demonstrated that when IE is in its default security mode for the Internet Zone, any web page can read the contents of your Windows clipboard*. Here is the line of code they use to get the clipboard text:


    var content = clipboardData.getData("Text");

In English: "Whatever's in your clipboard, give it to me!"

There is no other prerequisite; they just have it. They can do whatever they can dream up with it. If it happens to be your credit card number, or a password, or other sensitive text, you may regret that someone else has it.
The magnitude of this problem is somewhat subjective. It has been around for 5 years. However, since so few people will truly need it, I'd say at best it's an unnecessary vulnerability. The only time you would need it is if you had some wacky software that couldn't accomplish some data transfer task any other way. For most of us, that's very unlikely.
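
The behaviour above is governed by the Internet Zone option "Allow paste operations via script". As an added example (not part of the original post), the PowerShell script below reports how that option is configured and, when run with -Harden, sets it to Disable for the current user. The registry locations and the action number 1407 are taken from Microsoft's documentation of IE security zone settings, not from this page.

```powershell
# Added example, not from the original post.
# Audits IE URL action 1407 ("Allow paste operations via script") for the
# Internet Zone (zone 3). With -Harden, sets it to Disable for the current user.
param([switch]$Harden)

$action  = '1407'                                  # script access to the clipboard
$meaning = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }
$zone    = 'Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# A policy value, where present, takes precedence over the user setting.
$keys = [ordered]@{
    'Machine policy' = "HKLM:\SOFTWARE\Policies\$zone"
    'User policy'    = "HKCU:\Software\Policies\$zone"
    'User setting'   = "HKCU:\Software\$zone"
}

function Get-ScriptPasteSetting {
    foreach ($name in $keys.Keys) {
        # Missing keys or values yield $null instead of an error.
        $value = (Get-ItemProperty -Path $keys[$name] -Name $action `
                    -ErrorAction SilentlyContinue).$action
        $text = if ($null -eq $value) { 'not set' }
                elseif ($meaning.ContainsKey([int]$value)) { $meaning[[int]$value] }
                else { 'unrecognised value' }
        [pscustomobject]@{
            Source  = $name
            Value   = $value
            Meaning = $text
        }
    }
}

if ($Harden) {
    $user = $keys['User setting']
    if (-not (Test-Path $user)) { New-Item -Path $user -Force | Out-Null }
    # 3 = Disable: clipboardData.getData() is no longer available to Internet Zone pages.
    Set-ItemProperty -Path $user -Name $action -Value 3 -Type DWord
}

Get-ScriptPasteSetting | Format-Table -AutoSize
```

Setting the value to 1 (Prompt) instead of 3 keeps the feature available for the rare software that depends on it while making each clipboard read visible to the user.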

*The clipboard is an object Windows uses to store anything you copy with Ctrl-C, or by right-clicking your mouse and choosing Copy.
