Researchers have discovered a critical vulnerability in the Google Chrome and Firefox browser extension for the grammar checking software Grammarly. The flaw had left 22 million users vulnerable to attackers.
The vulnerability exposed authentication tokens to all websites that could be stolen by attackers which could allow for the attackers to access every document that belongs to the user--such as history, logs, and all data.
The Grammarly team has been informed about the vulnerability, and has released updates for both the Google Chrome and Firefox extensions. Users are advised to download the update as soon as possible.