Closed Bug 1625509 Opened 4 years ago Closed 4 years ago

Extension Block Request: Sushkom AV

Categories

(Toolkit :: Blocklist Policy Requests, task)

Product:
Toolkit
Component:
Blocklist Policy Requests
Type:
task
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: andreea.neamtiu, Assigned: Fallen)

Details
Extension name Sushkom AV
Extension versions affected <all versions>
Platforms affected <all platforms>
Block severity hard

Reason

The add-on contains critical security vulnerabilities :

  • DOM injections

  • setup cookies with remote data

Compromise user privacy :

  • sends cookie to server

  • doesn't provide a Privacy Policy

  • doesn't provide a user consent

Extension IDs

{171cdcfa-d6d3-4bc2-8e5d-dfcbb67c7695}
Assignee: nobody → philipp
Status: NEW → ASSIGNED

I’ve reviewed the add-on and confirmed that it is collecting ancillary user data against our policies.

The block has been staged. Stuart, can you review and push?

Flags: needinfo?(scolville)

Done.

Group: blocklist-requests
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Flags: needinfo?(scolville)
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.