Last Login: April 27, 2020
0xEmma's Latest (3) Contributions
In order for this attack to happen a Attacker needs to convince someone to install a ruby gem, which if someone is able to do that they would be able to find a better attack method.
Although this can lead to cookie leaks, the typical session cookie expires. And the complexity of this attack requires local access to a system, which, generally you have other ways to get this information.
Easy to exploit, although software not common in enterprise, this can lead to dumping of a contact book and adding more contacts which can lead to a SE attack