Anyone who uses Chrome should be aware that an interesting and potentially dangerous vulnerability has been discovered. In the most current version of the browser, it is possible for someone to be fooled into viewing a site or submitting data to a page using a method known as clickjacking
. As the links can be disguised, it can be difficult to tell when it is occurring. An example is a link that will appear normal in the browser, including the URL preview pane, but then redirect the user to a different page.
A proof of concept
page was put up for demonstration. Google has confirmed that it is already working on a fix for the flaw, but until that arrives, itís easy to see how this can be abused with dummy pages setup to look like the real thing. Upon redirection, people may not pay attention to what shows up in the address bar, and give away information they shouldn't.