Zurück zum Sicherheitsportal
XSS in Trezor Connect
Gemeldet auf August 3, 2020
In August 2020, we were contacted by Gamer7112, a security researcher, who reported XSS issues in Trezor Connect. The issues were fixed and deployed to production shortly after.
Trezor Connect
Behobene Sicherheitslücken
Gemeldet durch Community. Untersucht. Gelöst. Weil deine Sicherheit nie optional ist.
- Donjon's Trezor Safe 3 evaluationNovember 12, 2024
- Missing confirmation in the ECDHSessionKey callNovember 26, 2023
- XSS in Trezor Connect legacy versionsFebruary 7, 2023
- Insufficient field size check in ProtobufJuly 12, 2021
- Missing path isolation checkJuly 14, 2020
- Malicious change in mixed transactionsMarch 7, 2020