Due to the vulnerability in the “eParaksts signing extension” (v1.1.5) it is possible to extract public certificates of Latvian electronic identity card (eID) users. This can be done by embedding a malicious JavaScript code to a website. For the attack to be successful, the victim must visit the web page hosting the malicious JavaScript code […]
