Stealing passwords via browser refresh | Full Guide

The browser’s back and refresh features can be used to steal passwords from
insecurely written applications.

This paper discusses the problem and the solution.

  • We will show how a bad guy can access the user credentials of the previously logged in user by exploiting this feature, if the web application has not been developed securely

Stealing_passwords_via_browsers.pdf (177.3 KB)