Attackers can use Scroll to Text Fragment web browser feature to steal data � research

20-Jun-22

A security researcher has discovered that the Scroll to Text Fragment (STTF) feature, which enables users to quickly navigate to a particular text fragment on a webpage, can be leveraged to leak sensitive user data.�The vulnerability, found by Maciej Piechota of SecForce, uses CSS selectors to gather data from a web page and send it to a server under the attacker’s control.

By using the ‘#:text’ identifier and adding a text string to the URL of a webpage, users can access the STTF feature. The browser will immediately scroll to the string and highlight the appropriate area if it is present on the page. “I started wondering how the highlighting is done on the successful scroll and if it could be adjusted somehow,” Piechota told The Daily Swig. “I received a link from a friend which featured Scroll to Text Fragment.” Read More…