Bug ID 748649: Key logging chrome extension can bypass Websafe KeyLogger

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP FPS(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1

Fixed In:
15.0.0

Opened: Nov 04, 2018

Severity: 3-Major

Symptoms

When installed, JSLogger extension can bypass password field protection and get the real password input

Impact

Password value is captured

Conditions

JSLogger extension installed

Workaround

N/A

Fix Information

Code adjustment for better event faking

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips