Bug ID 748649: Key logging chrome extension can bypass Websafe KeyLogger

Last Modified: Feb 15, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP FPS(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4

Opened: Nov 04, 2018
Severity: 3-Major

Symptoms

When installed, JSLogger extension can bypass password field protection and get the real password input

Impact

Password value is captured

Conditions

JSLogger extension installed

Workaround

N/A

Fix Information

None

Behavior Change